11 matches found
CVE-2022-27946
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
NETGEAR R8500 admin_account.cgi Component Command Injection Vulnerability
The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the sysNewPasswd parameter in the adminaccount.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
CVE-2024-50993 affects Netgear R8500 (v1.0.2.160). The issue is a command injection in the sysNewPasswd parameter of the admin_account.cgi endpoint that enables arbitrary OS command execution. The CVSS 3.1 score is 8.0 (High) with adjacent access, low attack complexity, and no user interaction re...
NETGEAR R8500 安全漏洞
The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the sysNewPasswd parameter in the adminaccount.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...
Command injection
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
CVE-2022-27946
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
NETGEAR R8500 操作系统命令注入漏洞
The NETGEAR R8500 is a wireless router from the American company Netgear. A security vulnerability exists in the NETGEAR R8500 that can be exploited to execute arbitrary commands e.g., telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters of adminaccount.cgi...