Remote Command Execution Vulnerability in NETGEAR DGN2200 Devices
CVE-2017-6077
Key Information:
- Vendor
Netgear
- Status
- Vendor
- CVE Published:
- 22 February 2017
Badges
What is CVE-2017-6077?
The NETGEAR DGN2200 devices with specific firmware versions contain a vulnerability in the ping.cgi script, allowing unauthorized execution of arbitrary OS commands. This occurs when remote authenticated users manipulate the ping_IPAddr field in an HTTP POST request with shell metacharacters. This vulnerability poses a significant risk, as it can lead to full system compromise if exploited.
CISA has reported CVE-2017-6077
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-6077 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
89% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
- 🟡
Public PoC available
Vulnerability published
Vulnerability Reserved