← back
CVE-2023-33532

CVE-2023-33532

CVSS 9.8 CRITICALEPSS 19.4%CWE-77
Vexday Risk Score
33Attention
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 19.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://netgear.comhttps://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33532/Netgear_R6250_RCE.pdf