Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-2032

CWE-2225 documents5 sources
Severity
7.5HIGH
EPSS
1.6%
top 18.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Netgear Rp114
Timeline
PublishedMay 24
Latest updateApr 29

Description

Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDnetgear/rp1143.26

🔴Vulnerability Details

2
GHSA
GHSA-f58x-3j8w-r6xw: Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %202022-04-29
CVEList
CVE-2004-2032: Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %202005-05-10

💥Exploits & PoCs

1
Exploit-DB
Netgear RP114 3.26 - Content Filter Bypass2004-05-24

📐Framework References

1
CWE
Truncation of Security-relevant Information
CVE-2004-2032 (HIGH CVSS 7.5) | Netgear RP114 allows remote attacke | cvebase.io