Details of VAR-202408-2981

ID

VAR-202408-2981

CVE

CVE-2024-42756

TITLE

of netgear DGN1000WW Firmware Code injection vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-030072

DESCRIPTION

An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via the Diagnostics page. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software. NETGEAR DGN1000WW is a wireless router from NETGEAR

Trust: 2.16

sources: NVD: CVE-2024-42756 // JVNDB: JVNDB-2024-030072 // CNVD: CNVD-2025-11162

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-11162

AFFECTED PRODUCTS

vendor:	netgear	model:	dgn1000ww	scope:	eq	version:	1.1.00.45	Trust: 1.6
vendor:	ネットギア	model:	dgn1000ww	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	dgn1000ww	scope:	eq	version:	1.1.00.45	Trust: 0.8

sources: CNVD: CNVD-2025-11162 // JVNDB: JVNDB-2024-030072 // NVD: CVE-2024-42756

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-42756
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2024-030072
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-11162
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-11162
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-42756
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2024-030072
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-11162 // JVNDB: JVNDB-2024-030072 // NVD: CVE-2024-42756

PROBLEMTYPE DATA

problemtype:	CWE-94	Trust: 1.0
problemtype:	Code injection (CWE-94) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-030072 // NVD: CVE-2024-42756

EXTERNAL IDS

db:	NVD	id:	CVE-2024-42756	Trust: 3.2
db:	JVNDB	id:	JVNDB-2024-030072	Trust: 0.8
db:	CNVD	id:	CNVD-2025-11162	Trust: 0.6

sources: CNVD: CNVD-2025-11162 // JVNDB: JVNDB-2024-030072 // NVD: CVE-2024-42756

REFERENCES

url:	https://www.netgear.com/about/security/	Trust: 2.4
url:	https://github.com/nop3z/cve/blob/main/netgear/netgear%20dgn1000%20rce/netgear%20dgn1000%20rce.md	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2024-42756	Trust: 0.8

sources: CNVD: CNVD-2025-11162 // JVNDB: JVNDB-2024-030072 // NVD: CVE-2024-42756

SOURCES

db:	CNVD	id:	CNVD-2025-11162
db:	JVNDB	id:	JVNDB-2024-030072
db:	NVD	id:	CVE-2024-42756

LAST UPDATE DATE

2026-02-03T23:29:05.129000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-11162	date:	2025-05-30T00:00:00
db:	JVNDB	id:	JVNDB-2024-030072	date:	2026-02-02T10:20:00
db:	NVD	id:	CVE-2024-42756	date:	2026-01-30T20:47:34.863

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-11162	date:	2025-05-27T00:00:00
db:	JVNDB	id:	JVNDB-2024-030072	date:	2026-02-02T00:00:00
db:	NVD	id:	CVE-2024-42756	date:	2024-08-23T16:15:06.840