CVE-2024-35517

Severity

7.2HIGH

EPSS

10.9%

top 6.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 11

Latest updateOct 12

Description

Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter.

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.7 | Impact: 6.0

GHSA

GHSA-v796-xhpp-w9px: Netgear XR1000 v1↗2024-10-12

▶

CVEList

CVE-2024-35517: Netgear XR1000 v1↗2024-10-11

▶