CVE-2023-33533
Description
Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request parameters, gaining shell privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Command injection in multiple Netgear routers allows an authenticated attacker with web management access to execute arbitrary shell commands.
Vulnerability
CVE-2023-33533 is a command injection vulnerability in the web management interface of several Netgear router models: D6220 (Firmware Version 1.0.0.80), D8500 (Firmware Version 1.0.3.60), R6700 (Firmware Version 1.0.2.26), and R6900 (Firmware Version 1.0.2.26) [1][2]. The vulnerability exists because user-supplied input to POST request parameters is not properly sanitized before being used in system commands, enabling injection of arbitrary commands [2]. The code path is reachable only through the administrative web interface after authentication.
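The unsanitized-parameter pattern described above, modelled as an added example (not Netgear firmware code and not taken from the references): a hypothetical router diagnostics handler whose `target` POST parameter is interpolated into a shell string, beside a hardened version that validates the value and passes it as one argv element with no shell involved. The handler, parameter name and `ping` command are assumptions; the page does not name the vulnerable Netgear parameters.

```python
"""Added example, not Netgear's code: command injection via a POST parameter
in a router diagnostics handler, and a hardened equivalent."""
import ipaddress
import re
import subprocess

# Hypothetical parameter name; the real vulnerable parameters are not named
# on the page, so 'target' is a placeholder for any POST field that reaches a
# system command.
SHELL_METACHARS = ';|&$`\n<>(){}'


def build_command_vulnerable(target: str) -> str:
    """Vulnerable pattern: the raw parameter is spliced into a shell string.

    A caller that runs this with shell=True lets any shell metacharacter in
    'target' append or replace commands, which is the bug class described
    in the CVE text.
    """
    return f"ping -c 1 {target}"


def validate_target(target: str) -> str:
    """Allowlist validation: accept only an IP literal or a plain DNS name."""
    try:
        # ip_address() rejects anything that is not a bare IPv4/IPv6 literal,
        # so '127.0.0.1; id' raises ValueError here.
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass
    # Hostname: letters, digits, dots and hyphens only, no leading hyphen
    # (a leading hyphen would be parsed as an option by the command).
    if re.fullmatch(r"[A-Za-z0-9.-]{1,253}", target) and not target.startswith("-"):
        return target
    raise ValueError(f"rejected diagnostic target: {target!r}")


def build_command_hardened(target: str) -> list[str]:
    """Hardened pattern: validated value as a single argv element, no shell."""
    return ["ping", "-c", "1", validate_target(target)]


def contains_shell_metachar(value: str) -> bool:
    """Defensive check usable in request validation or log review."""
    return any(c in value for c in SHELL_METACHARS)


def run_hardened(target: str) -> int:
    """Execute the hardened command. shell=False means argv is passed to
    execve directly, so metacharacters can never reach a shell."""
    return subprocess.run(build_command_hardened(target), shell=False,
                          capture_output=True, timeout=10).returncode


if __name__ == "__main__":
    # Constructed input: a benign injection attempt for demonstration only.
    hostile = "127.0.0.1; id"
    print("vulnerable shell string:", build_command_vulnerable(hostile))
    print("metacharacters present:", contains_shell_metachar(hostile))
    print("hardened argv for a valid target:", build_command_hardened("router.lan"))
    try:
        build_command_hardened(hostile)
    except ValueError as exc:
        print("hardened handler rejected input:", exc)
```

The vulnerable builder shows why the injected text becomes a second command once a shell parses the string; the hardened builder never produces a string for a shell at all, and the allowlist rejects the input before it reaches `subprocess`. The metacharacter check is a secondary, defence-in-depth signal rather than the primary control.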
Exploitation
An attacker must first gain valid web management credentials (e.g., via credential theft, brute force, or prior compromise) to access the admin interface. Once authenticated, the attacker sends crafted POST requests with malicious payloads in the vulnerable parameters to inject shell commands [2]. No additional user interaction beyond initial authentication is required, and exploitation does not rely on a race condition. The attacker can execute arbitrary operating system commands as the root user via the web interface's backend process [2].
Impact
Successful exploitation grants the attacker root shell privileges on the affected router [2]. This leads to a complete compromise of the device: full control over the operating system, ability to modify or exfiltrate data, disable security features, intercept network traffic, and use the router as a pivot point for further attacks on the internal network. The impact covers all three CIA pillars: confidentiality (data access), integrity (system modification), and availability (potential denial of service).
Mitigation
As of the publication date (June 6, 2023), specific fixed firmware versions have not been publicly announced in the available references [1][2]. Affected users should monitor Netgear's security advisory page [1] for updates and apply patches as soon as they become available. In the absence of a patch, ensure the web management interface is not exposed to the internet and restrict access to trusted local network administrators. If the product is no longer supported, consider replacing the device. This CVE is not listed in CISA's Known Exploited Vulnerabilities catalog as of the available information.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4 products, including Netgear/D6220 (the full list of affected models and firmware versions is given in the description above).
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2 references (cited above as [1] and [2]).
News mentions
No linked articles in our index yet.