3 matches found
CVE-2020-27861
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UAParser utility. A crafted Host Name option in a DHCP reque...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UAParser utility. A crafted Host Name option in a DHCP reque...
CVE-2020-27861
NETGEAR Orbi devices running 2.5.1.16 are affected by CVE-2020-27861. The flaw resides in the UA_Parser utility, where a crafted Host Name option in a DHCP request can trigger a system call composed from a user-supplied string, allowing unauthenticated, remote code execution with root privileges....