Lucene search

K
cve[email protected]CVE-2022-30079
HistorySep 08, 2022 - 12:15 p.m.

CVE-2022-30079

2022-09-0812:15:08
CWE-78
web.nvd.nist.gov
31
2
cve-2022-30079
netgear r6200 v2
command injection
firmware vulnerability
authenticated attackers

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.6%

Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter.

Affected configurations

NVD
Node
netgearr6200Matchr6200v2-v1.0.3.12
AND
netgearr6200Matchv2

Social References

More

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.6%