The vulnerability in the genie_fix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability of the geniefix2.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 lies in the lack of measures taken to neutralize special elements used in the operating system’s commands when processing the wangateway parameter. Exploiting this vulnerability allows a remot...

CVE-2024-51021

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

NETGEAR R8500 安全漏洞

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the wangateway parameter in the geniefix2.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...

PT-2024-8275 · NetGear · Netgear R8500

Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Description: The issue is related to a command injection vulnerability in the wan gateway parameter at the "genie fix2.cgi" endpoint. This allows attackers to execute arbitrary OS commands via a crafted request...