CVE-2023-28338

Name of the Vulnerable Software and Affected Versions Netgear Nighthawk Wifi6 Router (RAX30) (affected versions not specified)

Description The issue arises when a request is sent to the router's web service with a Content-Type of multipartboundary=, causing the request body to be written to /tmp/mulipartFile on the device. This can lead to device resources being exhausted if a sufficiently large file is sent, resulting in the device becoming unusable until it is rebooted.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.