Medium severity6.5NVD Advisory· Published Dec 4, 2024· Updated Apr 15, 2026

CVE-2024-12147

Description

A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/upload000/Hub/blob/main/IOT/Netgear_R6900.mdnvd
vuldb.comnvd
vuldb.comnvd
vuldb.comnvd
www.netgear.comnvd
www.netgear.com/about/eos/nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000