CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
Percentile
29.3%
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.1_1.1.9 and earlier.
Vendor | Product | Version | CPE |
---|---|---|---|
netgear | wpn824ext_firmware | * | cpe:2.3:o:netgear:wpn824ext_firmware:*:*:*:*:*:*:*:* |
netgear | wpn824ext | - | cpe:2.3:h:netgear:wpn824ext:-:*:*:*:*:*:*:* |