dnslookup.cgi on NETGEAR DGN2200 devices with firmware up to and including 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear dgn2200_series_firmware |