Command Injection Vulnerability in NETGEAR WiFi Systems
CVE-2020-14433

8.4HIGH

Key Information:

Vendor
Netgear
Status
Rbk852 Firmware
Vendor
CVE Published:
18 June 2020

Summary

Certain NETGEAR WiFi systems are susceptible to command injection, allowing an authenticated user to execute arbitrary commands. This critical flaw affects devices running firmware versions prior to 3.2.15.25 across multiple models, including RBK, RBR, and RBS series. Attackers with authenticated access could exploit this vulnerability, potentially compromising network security and device integrity.

References

https://kb.netgear.com/000061932/Security-Advisory-for-Po...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.