CRITICAL🇵🇱 Wersja polska

CVE-2023-33532

CVSS 9.8v3.1pub. 2023-06-06upd. 2026-07-05

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netgear R6250

    HW
    Netgear
    wszystkie wersje
  • Netgear R6250 Firmware

    OS
    Netgear
    1.0.4.48
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-34563CRITICAL9.8ten sam produkt

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.

CVE-2021-45610CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 b...

CVE-2021-45609CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 b...

CVE-2021-45527CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before ...

CVE-2021-38516CRITICAL10.0ten sam produkt

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...