FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_access_token parameter. This affects R6230 before 1.1.0.112, R6260 before 1.1.0.88, R7000 before 1.0.11.134, R8900 before 1.0.5.42, R9000 before 1.0.5.42, and XR300 before 1.0.3.72 and Orbi RBR20 before 2.7.2.26, RBR50 before 2.7.4.26, RBS20 before 2.7.2.26, and RBS50 before 2.7.4.26.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:LNetgear R6230
HWNetgearwszystkie wersjeNetgear R6230 Firmware
OSNetgear< 1.1.0.112Netgear R6260
HWNetgearwszystkie wersjeNetgear R6260 Firmware
OSNetgear< 1.1.0.88Netgear R7000
HWNetgearwszystkie wersjeNetgear R7000 Firmware
OSNetgear< 1.0.11.134Netgear R8900
HWNetgearwszystkie wersjeNetgear R8900 Firmware
OSNetgear< 1.0.5.42Netgear R9000
HWNetgearwszystkie wersjeNetgear R9000 Firmware
OSNetgear< 1.0.5.42Netgear Rax120
HWNetgearwszystkie wersjeNetgear Rax120 Firmware
OSNetgear< 1.2.8.40Netgear Rax120v2
HWNetgearwszystkie wersjeNetgear Rax120v2 Firmware
OSNetgear< 1.2.8.40Netgear Rbr20
HWNetgearwszystkie wersjeNetgear Rbr20 Firmware
OSNetgear< 2.7.2.26Netgear Rbs20
HWNetgearwszystkie wersjeNetgear Rbs20 Firmware
OSNetgear< 2.7.2.26Netgear Xr300
HWNetgearwszystkie wersjeNetgear Xr300 Firmware
OSNetgear< 1.0.3.72
Powiązane podatności
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attac...
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffe...
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 b...
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before ...
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 bef...