Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

BDU FSTEC
BDU FSTECadded 2024/11/19 12:0 a.m.5 views

The vulnerability in the genie_dyn.cgi script of the Netgear XR300 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the geniedyn.cgi script of the Netgear XR300 router software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the parameter systemname. Exploiting this vulnerability allows a remote attacker to execute arbitrar...

8CVSS5.9AI score0.0159EPSS
Exploits0References2Affected Software1
CNVD
CNVDadded 2024/11/07 12:0 a.m.7 views

NETGEAR XR300 genie_dyn.cgi component command injection vulnerability

The NETGEAR XR300 is a wireless router from NETGEAR. A command injection vulnerability exists in NETGEAR XR300 v1.0.3.78, which stems from the systemname parameter in the geniedyn.cgi component failing to properly filter constructed command special characters, commands, and so on. An attacker cou...

8CVSS7.4AI score0.0159EPSS
Exploits0References1
OSV
OSVadded 2024/11/05 3:15 p.m.3 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8CVSS6AI score0.0159EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/11/05 12:0 a.m.3 views

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is a wireless router from NETGEAR. A command injection vulnerability exists in NETGEAR XR300 v1.0.3.78, which stems from the systemname parameter in the geniedyn.cgi component failing to properly filter constructed command special characters, commands, and so on. An attacker cou...

8CVSS7.8AI score0.0159EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/11/05 12:0 a.m.13 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8.7AI score0.0159EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/11/05 12:0 a.m.15 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

0.0159EPSS
Exploits0References2
CVE
CVEadded 2024/11/05 12:0 a.m.59 views

CVE-2024-52018

CVE-2024-52018 affects Netgear XR300 v1.0.3.78. A command-injection vulnerability exists in the genie_dyn.cgi endpoint through the system_name parameter, allowing an attacker to execute arbitrary OS commands via a crafted request. From the provided documents, the CVSS v3.1 base score is 8.0 (HIGH...

8CVSS8.3AI score0.0159EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder