VYPR
Unrated severityNVD Advisory· Published Mar 26, 2022· Updated Aug 3, 2024

CVE-2022-27946

CVE-2022-27946

Description

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi.

Affected products

2
  • Netgear/R8500cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 1.0.2.158

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.