CVE-2023-0849

CWE-77Command Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.8%
top 26.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Netgear Wndr3700v2Netgear Wndr3700 Firmware
Timeline
PublishedFeb 15
Latest updateFeb 16

Description

A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221152.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:LExploitability: 1.2 | Impact: 3.4

Affected Packages2 packages

CVEListV5netgear/wndr3700v21.0.1.14

🔴Vulnerability Details

2
GHSA
GHSA-mj33-6xc3-8qh6: A vulnerability has been found in Netgear WNDR3700v2 12023-02-16
CVEList
Netgear WNDR3700v2 Web Interface command injection2023-02-15
CVE-2023-0849 (CRITICAL CVSS 9.8) | A vulnerability has been found in N | cvebase.io