← back
CVE-2024-57046

CVE-2024-57046

CVSS 8.8 HIGHEPSS 2.1%CWE-287
Vexday Risk Score
36Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 8.8EPSS 2.1%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
18 Feb 2025Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.mdhttps://www.netgear.com/about/security/