Netgear Wnr854t Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Netgear Wnr854t Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Netgear Wnr854t Firmware. Last year, in 2025 Wnr854t Firmware had 8 security vulnerabilities published. Right now, Wnr854t Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 8 | 0.00 |
It may take a day or so for new Wnr854t Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Netgear Wnr854t Firmware Security Vulnerabilities
Netgear WNR854T 1.5.2 Stack Bof in parse_st_header
CVE-2024-54809
- March 31, 2025
Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands.
Stack Buffer Overflow in Netgear WNR854T 1.5.2 (SetDefConnS)
CVE-2024-54808
- March 31, 2025
Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.
Netgear WNR854T 1.5.2 UPNP Command Injection via AddPortMapping SOAPAction
CVE-2024-54807
- March 31, 2025
In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request for AddPortMapping via the router's WANIPConn1 service to achieve arbitrary command execution.
Netgear WNR854T 1.5.2 Arbitrary CMD Exec via cmd.cgi
CVE-2024-54806
- March 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface.
Netgear WNR854T Command Injection via post.cgi (v1.5.2)
CVE-2024-54805
- March 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter get_email. After which, they can visit the send_log.cgi endpoint which uses the parameter in a system call to achieve command execution.
Netgear WNR854T 1.5.2 Command Injection via post.cgi (WAN Hostname)
CVE-2024-54804
- March 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter wan_hostname and forcing a reboot. This will result in command injection.
Netgear WNR854T 1.5.2 Command Injection via post.cgi
CVE-2024-54803
- March 31, 2025
Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac and forcing a reboot. This will result in command injection.
Netgear WNR854T 1.5.2: UPNP Host Header Buffer Overflow
CVE-2024-54802
- March 31, 2025
In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Netgear Wnr854t Firmware or by Netgear? Click the Watch button to subscribe.
