Arbitrary Command Execution Vulnerability in NETGEAR R8500 1.0.2.158
CVE-2022-27945 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi.
Learn more about our User Device Pen Test.