Command injection

2020-10-0907:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24.

CPENameOperatorVersion
wc7500_firmwarelt6.5.5.24
wc7600_firmwarelt6.5.5.24
wc7600v2_firmwarelt6.5.5.24
wc9500_firmwarelt6.5.5.24

Name	Operator	Version
wc7500_firmware	lt	6.5.5.24
wc7600_firmware	lt	6.5.5.24
wc7600v2_firmware	lt	6.5.5.24
wc9500_firmware	lt	6.5.5.24

References

kb.netgear.com/000062330/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Wireless-Controllers-PSV-2020-0139