Command Injection Vulnerability in NETGEAR WiFi Devices
CVE-2021-29072
8.4HIGH
Summary
Certain NETGEAR WiFi devices are subject to a command injection vulnerability that allows an authenticated user to execute arbitrary commands, posing significant risks to device integrity and user data. This issue primarily affects models RBK852, RBK853, RBK854, RBR850, and RBS850, which require immediate attention to mitigate potential threats.
References
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved