Remote code execution

2020-04-2215:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler.

CPENameOperatorVersion
xr500_firmwarelt2.3.2.32

CPE	Name	Operator	Version
	xr500_firmware	lt	2.3.2.32

References

kb.netgear.com/000060241/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-XR500-PSV-2018-0313