Lucene search
K

8 matches found

BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.7 views

The vulnerability in the genie_dyn.cgi script of the Netgear XR300 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the geniedyn.cgi script of the Netgear XR300 router software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the parameter systemname. Exploiting this vulnerability allows a remote attacker to execute arbitrar...

8CVSS5.9AI score0.0159EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/11/05 3:15 p.m.4 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8CVSS6AI score0.0159EPSS
Exploits0References2
NVD
NVD
added 2024/11/05 3:15 p.m.26 views

CVE-2024-51008

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at wizdyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8CVSS0.00935EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/05 12:0 a.m.17 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

0.0159EPSS
Exploits0References2
CVE
CVE
added 2024/11/05 12:0 a.m.62 views

CVE-2024-52018

CVE-2024-52018 affects Netgear XR300 v1.0.3.78. A command-injection vulnerability exists in the genie_dyn.cgi endpoint through the system_name parameter, allowing an attacker to execute arbitrary OS commands via a crafted request. From the provided documents, the CVSS v3.1 base score is 8.0 (HIGH...

8CVSS8.3AI score0.0159EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/05 12:0 a.m.10 views

CVE-2024-51008

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at wizdyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

0.00935EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/05 12:0 a.m.15 views

CVE-2024-52018

Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the systemname parameter at geniedyn.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8.7AI score0.0159EPSS
Exploits0References2
exploitpack
exploitpack
added 2010/11/30 12:0 a.m.11 views

DynPG 4.2.0 - Multiple Vulnerabilities

DynPG 4.2.0 - Multiple Vulnerabilities Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixe...

7.6AI score
Exploits0
Rows per page
Query Builder