Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-51148

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.28986EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/05 10:28 a.m.6 views

CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

9.8CVSS9.2AI score0.28986EPSS
Exploits1References1
CNVD
CNVD
added 2025/01/21 12:0 a.m.6 views

NETGEAR DGN1000 Command Injection Vulnerability (CNVD-2025-02105)

The NETGEAR DGN1000 is a wireless router from NETGEAR for home and small office networking. An authentication bypass vulnerability exists in the NETGEAR DGN1000 prior to version 1.1.00.48. An attacker can exploit this vulnerability to take full control of the device by sending a constructed HTTP...

9.8CVSS7.8AI score0.28986EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.6 views

The vulnerability of the embedded software of NETGEAR DGN1000 lies in the ability to bypass the authentication process by using an alternative path or channel, allowing a hacker to execute arbitrary code.

The vulnerability of the embedded software of NETGEAR DGN1000 lies in the ability to bypass the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HTTP requests remotely...

10CVSS8.4AI score0.28986EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/01/10 8:15 p.m.17 views

CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

9.8CVSS0.28986EPSS
Exploits1References4
OSV
OSV
added 2025/01/10 8:15 p.m.8 views

CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

9.8CVSS6AI score0.28986EPSS
Exploits1References4
CVE
CVE
added 2025/01/10 7:36 p.m.88 views

CVE-2024-12847

The vulnerability CVE-2024-12847 affects NETGEAR DGN1000 routers (prior to firmware version 1.1.00.48). The issue is an authentication bypass in the setup.cgi endpoint that lets a remote, unauthenticated attacker execute arbitrary OS commands as root. Impact is described as remote command executi...

9.8CVSS9.1AI score0.28986EPSS
In wildExploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/10 7:36 p.m.16 views

CVE-2024-12847 NETGEAR DGN setup.cgi OS Command Injection

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

9.8CVSS9.1AI score0.28986EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/01/10 7:36 p.m.27 views

CVE-2024-12847 NETGEAR DGN setup.cgi OS Command Injection

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

9.8CVSS0.28986EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.6 views

PT-2025-1029

Name of the Vulnerable Software and Affected Versions NETGEAR DGN1000 versions prior to 1.1.00.48 Description The NETGEAR DGN1000 router contains a flaw that allows bypassing the authentication process through the use of an alternative path or channel. Exploitation of this issue enables a remote,...

9.8CVSS9.3AI score0.28986EPSS
Exploits1References33
CNNVD
CNNVD
added 2025/01/10 12:0 a.m.5 views

NETGEAR DGN1000 访问控制错误漏洞

The NETGEAR DGN1000 is a wireless router from NETGEAR for home and small office networking. An authentication bypass vulnerability exists in the NETGEAR DGN1000 prior to version 1.1.00.48. An attacker can exploit this vulnerability to take full control of the device by sending a constructed HTTP...

9.8CVSS9.2AI score0.28986EPSS
Exploits1References5
CNVD
CNVD
added 2021/05/14 12:0 a.m.3 views

Weak Password Vulnerability in NETGEAR DGN1000

The NETGEAR DGN1000 is a wireless router. A weak password vulnerability exists in the NETGEAR DGN1000. An attacker can use the weak password to log into the backend and obtain sensitive information...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/08 6:46 p.m.75 views

Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers

A new botnet has compromised hundreds of ASUS, D-Link and Dasan Zhone routers over the past three months, as well as Internet of Things IoT devices like video recorders and thermal cameras. The botnet, called darknexus based on a string it prints in its banner, uses processes similar to previous...

10CVSS0.97136EPSS
Exploits16References13
VulnCheck KEV
VulnCheck KEV
added 2017/11/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild...

9.8CVSS7.6AI score0.28986EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2017/10/25 12:0 a.m.42 views

Netgear DGN1000 Setup.cgi Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/10/25 12:0 a.m.144 views

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear DGN1000 Setup.cgi Unauthenticated RCE', 'Description' = %q This module exploits an unauthenticated OS command execution vulneralbility in...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2017/10/19 1:37 a.m.34 views

Netgear DGN1000 Setup.cgi Unauthenticated RCE

This module exploits an unauthenticated OS command execution vulneralbility in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5AI score
Exploits0
Rows per page
Query Builder