CVE-2024-57046

CVSS 8.8 HIGHEPSS 2.1%CWE-287

Vexday Risk Score

36Atención

Decisión SSVC (CISA)

Attend

PoC disponible → seguir de cerca

CVSS 8.8EPSS 2.1%KEV nãoPoC —Nuclei simMetasploit —Patch —

Ciclo de vida

18 feb 2025Publicada en NVD

Recomendación: Planificar corrección próxima — ya existe PoC pública.

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.md https://www.netgear.com/about/security/