CVE-2023-33532

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 6, 2023
Updated: Jan 8, 2025
CWE ID 77

Summary

CVE-2023-33532 is a command injection vulnerability affecting the Netgear R6250 router with Firmware Version 1.0.4.48. An attacker who manages to gain web management privileges can exploit this vulnerability by injecting commands into post request parameters. Successful exploitation grants the attacker shell privileges, posing a significant security risk. The vulnerability underscores the importance of keeping routers updated with the latest security patches to protect against potential threats. Netgear users are urged to apply the available patch to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share