R8500
This hub aggregates every CVE we track for R8500, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
46
CVEs tracked
6
Critical
16
High
1
In CISA KEV
Severity distribution
MEDIUM24HIGH16CRITICAL6
Monthly trend
0
0
0
0
25
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting R8500.
- CVE-2026-0417Insufficient input validation in certain NETGEAR routers4.5
- CVE-2026-9210Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router4.5
- CVE-2024-50998Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These v...5.7
- CVE-2024-51009Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands ...8.0
- CVE-2024-51002Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allow...5.7
- CVE-2024-51004Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters...5.7
- CVE-2024-50999Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS comma...5.7
- CVE-2024-50995Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the share_name parameter at usb_remote_smb_conf.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) v...5.7
- CVE-2024-51010Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway...8.0
- CVE-2024-50993Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at admin_account.cgi. This vulnerability allows attackers to execute arbitrary OS ...8.0
- CVE-2024-52014Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability...5.7
- CVE-2024-52020Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wan_gateway parameter at wiz_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS comman...8.0
- CVE-2024-52015Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability a...5.7
- CVE-2024-50994Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_leng...5.7
- CVE-2024-50997Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allow...5.7
Product normalization is registry-driven with AI assist and human review. How it works