CVE-2024-52019

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Nov 5, 2024
CWE ID 78

Summary

CVE-2024-52019 is a newly disclosed vulnerability affecting Netgear R8500 v1.0.2.160 routers. The issue lies in the genie_fix2.cgi file, specifically in the wan_gateway parameter. This flaw enables attackers to inject and execute arbitrary operating system commands through specially crafted requests. Successful exploitation could result in significant unauthorized access and potential compromise of the affected device. It is recommended that users update their Netgear routers to the latest firmware version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share