CVE-2018-11106

EPSS 2.6%

NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.

Productos afectados

NETGEAR · WC7500 NETGEAR · WC7520 NETGEAR · WC7600v1 NETGEAR · WC7600v2 NETGEAR · WC9500

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051