VYPR
Unrated severityNVD Advisory· Published Mar 26, 2022· Updated Aug 3, 2024

CVE-2022-27947

CVE-2022-27947

Description

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameter.

Affected products

2
  • Netgear/R8500cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 1.0.2.158

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.