Netgear Nighthawk Wifi6 Router (RAX30) Denial of Service Vulnerability

Netgear Nighthawk Wifi6 Router (RAX30) Denial of Service Vulnerability

CVE-2023-28338 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting in the device becoming unusable until it is rebooted.

Learn more about our Web App Pen Testing.