exploitDog

GHSA-f45w-55jr-pvp2

Опубликовано: 28 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.

Ссылки

EPSS

Процентиль: 65%

0.00501

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-28219

CVSS3: 9.8

nvd

11 месяцев назад

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.

EPSS

Процентиль: 65%

0.00501

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78