consrc/CVEs

consrc/CVEs

Releases0

Stars4

CVEs reported by Concordia Security Research Centre, Montreal, Canada.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-35518 ↗	Oct 14, 2024Monday, 14 October 2024, 22:15	8.4 HIGH	—
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter.
CVE-2024-35519 ↗	Oct 14, 2024Monday, 14 October 2024, 22:15	8.4 HIGH	—
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
CVE-2024-35522 ↗	Oct 11, 2024Friday, 11 October 2024, 22:15	8.4 HIGH	—
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 and ap_24g_manual_sec set to NotNone.
CVE-2024-35517 ↗	Oct 11, 2024Friday, 11 October 2024, 22:15	8.4 HIGH	—
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter.