Описание
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.
Ссылки
- Broken LinkURL Repurposed
- ExploitThird Party Advisory
- Vendor Advisory
- Broken LinkURL Repurposed
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.3.12_10.1.11 (включая)
Одновременно
cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.0.4.52_10.0.93 (включая)
Одновременно
cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01608
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.
EPSS
Процентиль: 81%
0.01608
Низкий
8.8 High
CVSS3
Дефекты
CWE-78