Command injection

2021-03-2307:15:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76.

CPENameOperatorVersion
wnr2000v5_firmwarelt1.0.0.76
xr450_firmwarelt2.3.2.114
xr500_firmwarelt2.3.2.114

Name	Operator	Version
wnr2000v5_firmware	lt	1.0.0.76
xr450_firmware	lt	2.3.2.114
xr500_firmware	lt	2.3.2.114

References

kb.netgear.com/000063023/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0595