20 matches found
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50999
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50999
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-50993
CVE-2024-50993 affects Netgear R8500 (v1.0.2.160). The issue is a command injection in the sysNewPasswd parameter of the admin_account.cgi endpoint that enables arbitrary OS command execution. The CVSS 3.1 score is 8.0 (High) with adjacent access, low attack complexity, and no user interaction re...
CVE-2024-50999
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
NETGEAR R8500 安全漏洞
NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR R8500 version v1.0.2.160, which originates from the sysNewPasswd parameter in the password.cgi component containing a command injection vulnerability...
PT-2024-8320 · NetGear · Netgear R8500
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This allows a remote attacker to execute arbitrary commands by sending a specially...
NETGEAR R8500 安全漏洞
The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the sysNewPasswd parameter in the adminaccount.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...
PT-2024-8367 · NetGear · Netgear R8500
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Description: The issue is related to a command injection vulnerability in the sysNewPasswd parameter at the "admin account.cgi" endpoint. This vulnerability allows attackers to execute arbitrary OS commands via...
CVE-2022-27945
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...
CVE-2022-27946
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
CVE-2022-27945
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...
CVE-2022-27946
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
CVE-2022-27946
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...
CVE-2022-27945
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...
NETGEAR R8500 操作系统命令注入漏洞
The NETGEAR R8500 is a wireless router from the American company Netgear. A security vulnerability exists in the NETGEAR R8500 that can be exploited to execute arbitrary commands e.g., telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters of adminaccount.cgi...
NETGEAR R8500 操作系统命令注入漏洞
The NETGEAR R8500 is a wireless router from the American company Netgear. A security vulnerability exists in the NETGEAR R8500, which can be exploited by an attacker to execute arbitrary commands e.g. telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters of...