November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Hive Ransomware – Active IOCs
September 9, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
September 11, 2022Rewterz Threat Alert – Hive Ransomware – Active IOCs
September 9, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
September 11, 2022
Severity
High
Analysis Summary
CVE-2022-30079 CVSS:8.8
NETGEAR R6200_v2 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection vulnerability in the /sbin/acos_service binary. An attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2022-30078 CVSS:9.8
NETGEAR R6200v2 and NETGEAR R6300v2 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the ipv6_fix.cgi script. By sending a specially-crafted request using shell metacharacters in the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-30079
- CVE-2022-30078
Affected Vendors
- NETGEAR
Affected Products
- NETGEAR R6200v2 1.0.3
- NETGEAR R6200v2 1.0.3.12_10.1.11
- NETGEAR R6200v2 1.0.3.12_10.1.11
- NETGEAR R6300v2 1.0.4.52_10.0.93
Remediation
Refer to NETGEAR Website for patch, upgrade or suggested workaround information.