Command Injection Vulnerability in Netgear R8500 Router
CVE-2024-51009

Currently unrated

Key Information:

Vendor: Netgear
Status: R8500 Router
Vendor: CVE Published:; 5 November 2024

Summary

A command injection vulnerability exists in the Netgear R8500 router, specifically in the wan_gateway parameter at ether.cgi. This flaw enables attackers to execute arbitrary operating system commands through specially crafted requests, posing significant security risks to users. It is crucial for users to ensure their devices are updated and secured against potential exploitation.

References

https://www.netgear.com/about/security/

https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vul...

Timeline

Vulnerability published
Nov 5, 2024
Vulnerability Reserved
Oct 28, 2024