CVE-2022-42221
Description
Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Netgear R6220 firmware v1.1.0.114_1.0.1 contains an access control flaw that allows an attacker to inject operating system commands.
Vulnerability
Netgear R6220 router firmware version 1.1.0.114_1.0.1 suffers from an Incorrect Access Control vulnerability that leads to operating system command injection [1]. The flaw exists because the web management interface does not properly restrict access to functionality that passes unsanitized user input to a system shell. No special configuration is required; the vulnerable code path is reachable in the default administrative interface.
Exploitation
To exploit this vulnerability, an attacker must have network access to the router's web-based administration interface and be able to authenticate as an administrator [1]. With valid credentials, the attacker can craft a malicious HTTP request containing shell metacharacters in a parameter that is subsequently passed to a command execution routine. No user interaction beyond normal administration is required.
Impact
Successful exploitation permits an authenticated attacker to execute arbitrary operating system commands with full root privileges [1]. This results in complete compromise of the affected device, including disclosure of sensitive configuration data, installation of persistent malware, and use of the router as a pivot point for further network attacks.
Mitigation
As of the publication date, Netgear has not released a firmware update that addresses CVE-2022-42221 [1]. The vendor's security advisory page (https://www.netgear.com/about/security/) is the authoritative source for future patches. The affected firmware version 1.1.0.114_1.0.1 is end-of-life; users should consider upgrading to a supported router model. No workaround is documented in the available references.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Netgear/R6220
Patches
No patches discovered yet.
References