← back
CVE-2013-10060

Netgear Routers pppoe.cgi RCE

CVSS 9.4 CRITICALEPSS 4.5%CWE-78
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Netgear · DGN2200B
public PoCs found4
cve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rbunverifiedcve_referenceweb.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015unverifiedcve_referencewww.exploit-db.com/exploits/24513unverifiedcve_referencewww.exploit-db.com/exploits/24974unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rbhttps://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015https://www.exploit-db.com/exploits/24513https://www.exploit-db.com/exploits/24974https://www.vulncheck.com/advisories/netgear-legacy-routers-rce