CVE-2022-30078
published 2022-09-07CVE-2022-30078: NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | r6200_firmware | <= 1.0.3.12_10.1.11 | — |
| netgear | r6300_firmware | <= 1.0.4.52_10.0.93 | — |