CVE-2024-51005
CVSS 3.1 Score 8 of 10 (high)
Details
Published Nov 5, 2024
CWE ID 78
Summary
CVE-2024-51005 is a newly disclosed vulnerability affecting the Netgear R8500 v1.0.2.160 firmware. The issue lies in the usb_remote_smb_conf.cgi file, where the share_name parameter is susceptible to command injection attacks. Successful exploitation enables attackers to execute arbitrary OS commands by sending specially crafted requests, posing a significant risk to network security.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- R8 500