CVE-2022-37337

9.1CRITICAL

Key Information

Vendor
Netgear
Status
Orbi Router Rbr750
Vendor
CVE Published:
21 March 2023

Summary

A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Affected Version(s)

Orbi Router RBR750 = 4.6.8.5

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Risk change from: 8.8 to: 9.1 - (CRITICAL)

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.