Netgear.Router.IPv6.Fix.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in Netgear R6250, D6220, D8500, R6700 and R6900.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote, authenticated attacker may be able to exploit this to execute arbitrary commands within the context of system.
Affected Products
Netgear R6250 version 1.0.4.48
Netgear D6220 version 1.0.0.80
Netgear D8500 version 1.0.3.60
Netgear R6700 version 1.0.2.26
Netgear R6900 version 1.0.2.26
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently, we are unaware of any vendor supplied patch or updates available for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |