← back
CVE-2024-35520

CVE-2024-35520

CVSS 8.4 HIGHEPSS 9.1%CWE-77
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.4EPSS 9.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.
CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.netgear.com/000066027/Security-Advisory-for-Post-Authentication-Command-Injection-on-the-R7000-PSV-2023-0154