Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 up to and including 10.0.0.50 allows remote malicious users to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear dgn2200_firmware |