The vulnerability in the ether.cgi script of NETGEAR R8500 router software allows a hacker to execute arbitrary commands.

The vulnerability of the ether.cgi script in NETGEAR R8500 router microprogramming software relates to the failure to take measures to neutralize special elements used in the operating system’s processing of the wangateway parameter. Exploiting this vulnerability allows a remote attacker to execu...

CVE-2024-51009

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51009

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

NETGEAR R8500 安全漏洞

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the wangateway parameter in the ether.cgi component failing to correctly filter constructed command special characters, commands, and so on. An attacker...

CVE-2024-51009

Netgear R8500 v1.0.2.160 is affected by a command-injection vulnerability in the ether.cgi endpoint, exploitable via the wan_gateway parameter. Root cause across sources is improper handling/filtering of command-related characters, enabling arbitrary OS command execution through a crafted request...

PT-2024-8525 · NetGear · Netgear R8500

Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Description: A command injection issue has been discovered in the wan gateway parameter at the "ether.cgi" endpoint. This allows attackers to execute arbitrary OS commands via a crafted request. The vulnerabili...