Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:netgear_nighthawk_wifi6_router_(rax30):*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductNetgear Nighthawk Wifi6 Router (Rax30) (fb7921e5-8b7a-535f-8144-4f249a612a66)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-28338 vulnerable 2026-06-08 06:01:10.377214 Details available
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting in the device becoming unusable until it is rebooted.
Published: 2023-03-15T00:00:00.000Z
Updated: 2025-02-27T14:20:22.028Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-28337 vulnerable 2026-06-08 06:01:10.376742 Details available
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the device.
Published: 2023-03-15T00:00:00.000Z
Updated: 2025-02-27T14:21:15.899Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.