Command Injection Vulnerability in Netgear R6250 Router Firmware Version 1.0.4.48

Command Injection Vulnerability in Netgear R6250 Router Firmware Version 1.0.4.48

CVE-2023-33532 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges.

Learn more about our Web App Pen Testing.