NETGEAR EX6120 Firmware 1.0.0.68

CPE Details

NETGEAR EX6120 Firmware 1.0.0.68
netgear
ex6120_firmware
1.0.0.68
2023-04-04
11h44 +00:00
2023-05-11
16h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:netgear:ex6120_firmware:1.0.0.68:*:*:*:*:*:*:*

Informations

Vendor

netgear

Product

ex6120_firmware

Version

1.0.0.68

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-4139 2025-04-30 20h31 +00:00 A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Affected by this vulnerability is the function fwAcosCgiInbound. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
8.7
High
CVE-2024-35518 2024-10-14 00h00 +00:00 Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter.
8.4
High
CVE-2024-35519 2024-10-14 00h00 +00:00 Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
8.4
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.