CVE-2024-35519

Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operatingmode.cgi via the apmode parameter...

CVE-2024-35522

Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operatingmode.cgi via the apmode parameter with ap24gmanual set to 1 and ap24gmanualsec set to NotNone...

The vulnerability in the operating_mode.cgi script of NETGEAR’s router microprogramming devices EX6120, EX6100, and EX3700 allows a hacker to execute arbitrary commands.

The vulnerability of the operatingmode.cgi script in NETGEAR’s microprogrammed router devices, such as EX6120, EX6100, and EX3700, is related to the lack of measures taken to protect data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-35522

Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operatingmode.cgi via the apmode parameter with ap24gmanual set to 1 and ap24gmanualsec set to NotNone...

PT-2024-7144 · NetGear · Netgear Ex3700 +2

Name of the Vulnerable Software and Affected Versions: Netgear EX6120 version 1.0.0.68 Netgear EX6100 version 1.0.2.28 Netgear EX3700 version 1.0.0.96 Description: The issue is related to a command injection flaw in the operating mode.cgi script of Netgear EX Series Wi-Fi Extenders. This flaw is...

PT-2024-7222 · NetGear · Netgear Ex3700

Name of the Vulnerable Software and Affected Versions: Netgear EX3700 versions prior to 1.0.0.98 Description: The issue is related to a lack of input sanitization in the operating mode.cgi script of the NETGEAR EX3700 router's firmware. This can be exploited by a remote attacker to execute...