OS Command Injection Vulnerability in Netgear DC112A Router
CVE-2025-28219

9.8CRITICAL

Key Information:

Vendor: Netgear
Status: DC112A
Vendor: CVE Published:; 28 March 2025

What is CVE-2025-28219?

The Netgear DC112A router version V1.0.0.64 is susceptible to an OS command injection vulnerability found in the 'usb_adv.cgi' component. This weakness enables remote attackers to execute arbitrary operating system commands by sending crafted POST requests that manipulate the 'deviceName' parameter. Exploiting this vulnerability could potentially grant unauthorized access to sensitive system functionalities and pose significant risks to device integrity and network security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/IdaJea/IOT_vuln_1/blob/master/DC112A_V...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 28, 2025
Vulnerability Reserved
Mar 11, 2025

JSON

Netgear

What is CVE-2025-28219?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.