Command injection

2020-10-0907:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.7%

JSON

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.

CPENameOperatorVersion
rbk852_firmwarelt3.2.16.6
rbr850_firmwarelt3.2.16.6
rbs850_firmwarelt3.2.16.6

Name	Operator	Version
rbk852_firmware	lt	3.2.16.6
rbr850_firmware	lt	3.2.16.6
rbs850_firmware	lt	3.2.16.6

References

kb.netgear.com/000062347/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0264