A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear rbs750 firmware 4.6.8.5 |
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Maybe this is deserved given the problem's in a hidden telnet service
Public proof-of-concept exploits have landed for bugs in Netgear Orbi routers – including one critical command execution vulnerability. The four vulnerabilities are found in Netgear's Orbi mesh wireless system, including its main router and the satellite routers that extend Wi-Fi networks. Cisco Talos researchers disclosed these bugs to Netgear on August 30, 2022. Since the 90-day countdown has run its course on Cisco's vulnerability disclosure policy, the networking giant has publicly d...