Hyunseok Yun

**Name of the Vulnerable Software and Affected Versions** NETGEAR Orbi devices (affected versions not specified) **Description** A flaw exists in the DHCPv6 functionality of NETGEAR Orbi devices due to insufficient input validation. This allows attackers located on the same network, authenticated via WiFi or LAN, to execute OS command injections on the router. DHCPv6 is not enabled by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Access point (affected versions not specified) **Description** Successful exploitation of the issue could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.