CVE-2024-35518 | Netgear EX6120 1.0.0.68/2.cgi genie_fix2.cgi wan_dns1_pri command injection

Inserito da Angelo Barbosa | Ott 15, 2024 | CVE

A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68/2.cgi. Affected by this vulnerability is an unknown functionality of the file genie_fix2.cgi. The manipulation of the argument wan_dns1_pri leads to command injection.

This vulnerability is known as CVE-2024-35518. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-35518 | Netgear EX6120 1.0.0.68/2.cgi genie_fix2.cgi wan_dns1_pri command injection

Post correlati

CVE-2023-51102 | Tenda W9 1.0.0.7(4456)_CN formWifiMacFilterSet stack-based overflow

CVE-2024-39820 | Zoom Workplace Desktop App on macOS uncontrolled search path (ZSB-24027)

CVE-2024-24136 | SourceCodester Math Game with Leaderboard 1.0 Score Section Your Name cross site scripting

CVE-2024-32991 | Huawei HarmonyOS/EMUI wpa_supplicant Module denial of service