NetGear · Netgear R6200 V2 · CVE-2022-30078
**Name of the Vulnerable Software and Affected Versions**
NETGEAR R6200 V2 versions through R6200v2-V1.0.3.12 10.1.11
NETGEAR R6300 V2 versions through R6300v2-V1.0.4.52 10.0.93
**Description**
The issue allows remote authenticated attackers to execute arbitrary commands via shell metacharacters in the `ipv6_fix.cgi` parameters, specifically `ipv6_wan_ipaddr`, `ipv6_lan_ipaddr`, `ipv6_wan_length`, or `ipv6_lan_length`.
**Recommendations**
For NETGEAR R6200 V2 versions through R6200v2-V1.0.3.12 10.1.11, update to a version later than R6200v2-V1.0.3.12 10.1.11 to resolve the issue.
For NETGEAR R6300 V2 versions through R6300v2-V1.0.4.52 10.0.93, update to a version later than R6300v2-V1.0.4.52 10.0.93 to resolve the issue.
As a temporary workaround, consider restricting access to the `ipv6_fix.cgi` endpoint until a patch is available. Avoid using the parameters `ipv6_wan_ipaddr`, `ipv6_lan_ipaddr`, `ipv6_wan_length`, or `ipv6_lan_length` in the affected endpoint until the issue is resolved.
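For reviewing logged or proxied management traffic while the workaround is in place, the following added example (not NETGEAR code and not part of the original advisory) checks the four parameters against a strict allow-list: a bare IPv6 literal for the address fields and an integer from 0 to 128 for the length fields. The underscore spelling of the endpoint and parameter names, the request path, and the sample requests are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import parse_qsl

# Names taken from the advisory, written with underscores (assumption).
ENDPOINT = "ipv6_fix.cgi"
ADDR_PARAMS = {"ipv6_wan_ipaddr", "ipv6_lan_ipaddr"}
LEN_PARAMS = {"ipv6_wan_length", "ipv6_lan_length"}

def valid_ipv6(value: str) -> bool:
    """Accept only a bare IPv6 literal; zone ids ('%eth0') are rejected."""
    if "%" in value:
        return False
    try:
        ipaddress.IPv6Address(value)
        return True
    except ValueError:
        return False

def valid_prefix_len(value: str) -> bool:
    """Accept only 1-3 ASCII digits with a value of 0..128."""
    return (value.isascii() and value.isdigit()
            and len(value) <= 3 and int(value) <= 128)

def audit_request(path: str, body: str) -> list:
    """Return advisory parameters whose decoded values fail validation."""
    target, _, query = path.partition("?")
    if not target.endswith("/" + ENDPOINT):
        return []
    bad = []
    for source in (query, body):
        # parse_qsl percent-decodes, so encoded metacharacters are seen too.
        for name, value in parse_qsl(source):
            if name in ADDR_PARAMS and not valid_ipv6(value):
                bad.append(name)
            elif name in LEN_PARAMS and not valid_prefix_len(value):
                bad.append(name)
    return bad

# Constructed sample requests (path, form body); not captured traffic.
SAMPLES = [
    ("/ipv6_fix.cgi", "ipv6_wan_ipaddr=2001%3Adb8%3A%3A1&ipv6_wan_length=64"),
    ("/ipv6_fix.cgi", "ipv6_lan_ipaddr=2001%3Adb8%3A%3A1%3BPLACEHOLDER&ipv6_lan_length=64"),
    ("/ipv6_fix.cgi", "ipv6_wan_ipaddr=2001:db8::2&ipv6_wan_length=64%7Cx"),
    ("/index.htm", "ipv6_wan_length=64%7Cx"),
]

if __name__ == "__main__":
    for path, body in SAMPLES:
        print(path, audit_request(path, body) or "ok")
```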