Kevin Breen

#8736 of 53,630
31.3 Total CVSS
Vulnerabilities · 4 (Medium: 1, High: 3)

PT-2021-6213
9.0
2021-11-30
NetGear · R6350 · CVE-2021-45534
**Name of the Vulnerable Software and Affected Versions**

- NETGEAR AC2100 versions prior to 1.2.0.88
- NETGEAR AC2400 versions prior to 1.2.0.88
- NETGEAR AC2600 versions prior to 1.2.0.88
- NETGEAR D7000 versions prior to 1.0.1.82
- NETGEAR R6220 versions prior to 1.1.0.110
- NETGEAR R6230 versions prior to 1.1.0.110
- NETGEAR R6260 versions prior to 1.1.0.84
- NETGEAR R6330 versions prior to 1.1.0.84
- NETGEAR R6350 versions prior to 1.1.0.84
- NETGEAR R6700v2 versions prior to 1.2.0.88
- NETGEAR R6800 versions prior to 1.2.0.88
- NETGEAR R6850 versions prior to 1.1.0.84
- NETGEAR R6900v2 versions prior to 1.2.0.88
- NETGEAR R7200 versions prior to 1.2.0.88
- NETGEAR R7350 versions prior to 1.2.0.88
- NETGEAR R7400 versions prior to 1.2.0.88
- NETGEAR R7450 versions prior to 1.2.0.88

**Description**

The issue is related to command injection by an authenticated user due to the lack of input data sanitization. This allows a remote attacker to execute arbitrary commands.

**Recommendations**

- For NETGEAR AC2100 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR AC2400 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR AC2600 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR D7000 versions prior to 1.0.1.82, update to version 1.0.1.82 or later.
- For NETGEAR R6220 versions prior to 1.1.0.110, update to version 1.1.0.110 or later.
- For NETGEAR R6230 versions prior to 1.1.0.110, update to version 1.1.0.110 or later.
- For NETGEAR R6260 versions prior to 1.1.0.84, update to version 1.1.0.84 or later.
- For NETGEAR R6330 versions prior to 1.1.0.84, update to version 1.1.0.84 or later.
- For NETGEAR R6350 versions prior to 1.1.0.84, update to version 1.1.0.84 or later.
- For NETGEAR R6700v2 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R6800 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R6850 versions prior to 1.1.0.84, update to version 1.1.0.84 or later.
- For NETGEAR R6900v2 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R7200 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R7350 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R7400 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.
- For NETGEAR R7450 versions prior to 1.2.0.88, update to version 1.2.0.88 or later.

PT-2021-5881
6.1
2021-09-02
NetGear · Xr700 · CVE-2021-45603
**Name of the Vulnerable Software and Affected Versions**

- NETGEAR D7800 versions prior to 1.0.1.66
- NETGEAR EX2700 versions prior to 1.0.1.68
- NETGEAR WN3000RPv2 versions prior to 1.0.0.90
- NETGEAR WN3000RPv3 versions prior to 1.0.2.100
- NETGEAR LBR1020 versions prior to 2.6.5.20
- NETGEAR LBR20 versions prior to 2.6.5.32
- NETGEAR R6700AX versions prior to 1.0.10.110
- NETGEAR R7800 versions prior to 1.0.2.86
- NETGEAR R8900 versions prior to 1.0.5.38
- NETGEAR R9000 versions prior to 1.0.5.38
- NETGEAR RAX10 versions prior to 1.0.10.110
- NETGEAR RAX120v1 versions prior to 1.2.3.28
- NETGEAR RAX120v2 versions prior to 1.2.3.28
- NETGEAR RAX70 versions prior to 1.0.10.110
- NETGEAR RAX78 versions prior to 1.0.10.110
- NETGEAR XR450 versions prior to 2.3.2.130
- NETGEAR XR500 versions prior to 2.3.2.130
- NETGEAR XR700 versions prior to 1.0.1.46

**Description**

The issue is related to the disclosure of sensitive information in certain NETGEAR devices. A UPnP request can reveal a device's serial number, which can then be used for a password reset. This is due to insufficient protection of service data, allowing an attacker to gain unauthorized access to protected information or execute arbitrary commands.

**Recommendations**

- For NETGEAR D7800 versions prior to 1.0.1.66, update to version 1.0.1.66 or later.
- For NETGEAR EX2700 versions prior to 1.0.1.68, update to version 1.0.1.68 or later.
- For NETGEAR WN3000RPv2 versions prior to 1.0.0.90, update to version 1.0.0.90 or later.
- For NETGEAR WN3000RPv3 versions prior to 1.0.2.100, update to version 1.0.2.100 or later.
- For NETGEAR LBR1020 versions prior to 2.6.5.20, update to version 2.6.5.20 or later.
- For NETGEAR LBR20 versions prior to 2.6.5.32, update to version 2.6.5.32 or later.
- For NETGEAR R6700AX versions prior to 1.0.10.110, update to version 1.0.10.110 or later.
- For NETGEAR R7800 versions prior to 1.0.2.86, update to version 1.0.2.86 or later.
- For NETGEAR R8900 versions prior to 1.0.5.38, update to version 1.0.5.38 or later.
- For NETGEAR R9000 versions prior to 1.0.5.38, update to version 1.0.5.38 or later.
- For NETGEAR RAX10 versions prior to 1.0.10.110, update to version 1.0.10.110 or later.
- For NETGEAR RAX120v1 versions prior to 1.2.3.28, update to version 1.2.3.28 or later.
- For NETGEAR RAX120v2 versions prior to 1.2.3.28, update to version 1.2.3.28 or later.
- For NETGEAR RAX70 versions prior to 1.0.10.110, update to version 1.0.10.110 or later.
- For NETGEAR RAX78 versions prior to 1.0.10.110, update to version 1.0.10.110 or later.
- For NETGEAR XR450 versions prior to 2.3.2.130, update to version 2.3.2.130 or later.
- For NETGEAR XR500 versions prior to 2.3.2.130, update to version 2.3.2.130 or later.
- For NETGEAR XR700 versions prior to 1.0.1.46, update to version 1.0.1.46 or later.

PT-2021-5957
7.8
2021-05-03
NetGear · Netgear R7800 · CVE-2021-45602
**Name of the Vulnerable Software and Affected Versions**

- NETGEAR D7800 versions 1.0.1.66 and earlier
- NETGEAR EX2700 versions 1.0.1.68 and earlier
- NETGEAR WN3000RPv2 versions 1.0.0.90 and earlier
- NETGEAR WN3000RPv3 versions 1.0.2.100 and earlier
- NETGEAR LBR1020 versions 2.6.5.20 and earlier
- NETGEAR LBR20 versions 2.6.5.32 and earlier
- NETGEAR R6700AX versions 1.0.10.110 and earlier
- NETGEAR R7800 versions 1.0.2.86 and earlier
- NETGEAR R8900 versions 1.0.5.38 and earlier
- NETGEAR R9000 versions 1.0.5.38 and earlier
- NETGEAR RAX10 versions 1.0.10.110 and earlier
- NETGEAR RAX120v1 versions 1.2.3.28 and earlier
- NETGEAR RAX120v2 versions 1.2.3.28 and earlier
- NETGEAR RAX70 versions 1.0.10.110 and earlier
- NETGEAR RAX78 versions 1.0.10.110 and earlier
- NETGEAR XR450 versions 2.3.2.130 and earlier
- NETGEAR XR500 versions 2.3.2.130 and earlier
- NETGEAR XR700 versions 1.0.1.46 and earlier

**Description**

The issue is related to command injection by an authenticated user due to the lack of input data sanitization. This can allow an attacker to execute arbitrary commands or gain unauthorized access to protected information by sending a specially crafted request to the UPnP port.

**Recommendations**

- For NETGEAR D7800 versions 1.0.1.66 and earlier, update to version 1.0.1.66 or later.
- For NETGEAR EX2700 versions 1.0.1.68 and earlier, update to version 1.0.1.68 or later.
- For NETGEAR WN3000RPv2 versions 1.0.0.90 and earlier, update to version 1.0.0.90 or later.
- For NETGEAR WN3000RPv3 versions 1.0.2.100 and earlier, update to version 1.0.2.100 or later.
- For NETGEAR LBR1020 versions 2.6.5.20 and earlier, update to version 2.6.5.20 or later.
- For NETGEAR LBR20 versions 2.6.5.32 and earlier, update to version 2.6.5.32 or later.
- For NETGEAR R6700AX versions 1.0.10.110 and earlier, update to version 1.0.10.110 or later.
- For NETGEAR R7800 versions 1.0.2.86 and earlier, update to version 1.0.2.86 or later.
- For NETGEAR R8900 versions 1.0.5.38 and earlier, update to version 1.0.5.38 or later.
- For NETGEAR R9000 versions 1.0.5.38 and earlier, update to version 1.0.5.38 or later.
- For NETGEAR RAX10 versions 1.0.10.110 and earlier, update to version 1.0.10.110 or later.
- For NETGEAR RAX120v1 versions 1.2.3.28 and earlier, update to version 1.2.3.28 or later.
- For NETGEAR RAX120v2 versions 1.2.3.28 and earlier, update to version 1.2.3.28 or later.
- For NETGEAR RAX70 versions 1.0.10.110 and earlier, update to version 1.0.10.110 or later.
- For NETGEAR RAX78 versions 1.0.10.110 and earlier, update to version 1.0.10.110 or later.
- For NETGEAR XR450 versions 2.3.2.130 and earlier, update to version 2.3.2.130 or later.
- For NETGEAR XR500 versions 2.3.2.130 and earlier, update to version 2.3.2.130 or later.
- For NETGEAR XR700 versions 1.0.1.46 and earlier, update to version 1.0.1.46 or later.