exploitDog

CVE-2023-38928

Опубликовано: 07 авг. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi.

Ссылки

https://github.com/FirmRec/IoT-Vulns/tree/main/netgear/usb_remote_invite_password
Third Party Advisory
https://www.netgear.com/about/security/
Vendor Advisory
https://github.com/FirmRec/IoT-Vulns/tree/main/netgear/usb_remote_invite_password
Third Party Advisory
https://www.netgear.com/about/security/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.78:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01639

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-6v9m-hjp3-4h7f

CVSS3: 9.8

github

больше 2 лет назад

Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi.

EPSS

Процентиль: 82%

0.01639

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-77