← volver
CVE-2025-4121

Netgear JWNR2000v2 cmd_wireless command injection

CVSS 5.3 MEDIUMEPSS 3.3%CWE-74CWE-77
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Productos afectados
Netgear · JWNR2000v2

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-cmd_wireless-port_phy_set/README.mdhttps://vuldb.com/?ctiid.306601https://vuldb.com/?id.306601https://vuldb.com/?submit.560775https://www.netgear.com/