← voltar
CVE-2025-4121

Netgear JWNR2000v2 cmd_wireless command injection

CVSS 5.3 MEDIUMEPSS 3.3%CWE-74CWE-77
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Produtos afetados
Netgear · JWNR2000v2

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-cmd_wireless-port_phy_set/README.mdhttps://vuldb.com/?ctiid.306601https://vuldb.com/?id.306601https://vuldb.com/?submit.560775https://www.netgear.com/