PT-2021-4801 · NetGear · Netgear R6020
Joel Sanchez · Published 2021-09-15 · Updated 2021-09-29
CVE-2021-41383
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
NETGEAR R6020 version 1.0.0.48
Description
The issue stems from missing input validation in the setup.cgi endpoint of the NETGEAR R6020: the value of the ntp server field is not checked, so shell metacharacters placed in it are interpreted as shell commands. An authenticated admin can therefore execute arbitrary shell commands on the device, potentially leading to remote code execution.
Recommendations
For NETGEAR R6020 version 1.0.0.48, consider disabling the setup.cgi endpoint or restricting access to it until a patch is available. Avoid using shell metacharacters in the ntp server field to minimize the risk of exploitation.
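The root cause above is a CGI handler that splices a form field into a shell command line. The following C example is added here to illustrate the defect class and its fix; it is not code from the advisory or from NETGEAR firmware. The function names, the ntpclient binary path and its flags are assumptions chosen for illustration, and the sample inputs are constructed.

```c
/* Added example (not NETGEAR code): an NTP-server field handled two ways.
 * Assumed names: set_ntp_server_vulnerable, set_ntp_server_hardened,
 * is_valid_ntp_host, and the ntpclient path/flags used below. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* The pattern the advisory describes: the field value is formatted into a
 * command string and handed to /bin/sh via system(), so any metacharacter in
 * `host` is parsed by the shell. Kept only for contrast; never call it. */
static int set_ntp_server_vulnerable(const char *host) {
    char cmd[512];
    snprintf(cmd, sizeof cmd, "ntpclient -h %s -s", host);
    return system(cmd);
}

/* Allow-list validation: accept only an RFC 1123 hostname or a dotted IPv4
 * literal (labels of letters, digits and '-', joined by '.'). Everything else,
 * including ';', '|', '`', '$', quotes and whitespace, is rejected. Returns 1
 * when the value is acceptable, 0 otherwise. */
int is_valid_ntp_host(const char *s) {
    size_t len = strlen(s);
    if (len == 0 || len > 253) return 0;
    size_t label_len = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '.') {
            /* empty label, leading dot, or label ending in '-' */
            if (label_len == 0 || s[i - 1] == '-') return 0;
            label_len = 0;
        } else if (isalnum(c) || c == '-') {
            if (label_len == 0 && c == '-') return 0;  /* label must not start with '-' */
            if (++label_len > 63) return 0;
        } else {
            return 0;  /* any other byte is not part of a hostname */
        }
    }
    /* reject a trailing dot (empty last label) and a trailing '-' */
    return label_len > 0 && s[len - 1] != '-';
}

/* Hardened handler: validate first, then exec the client directly with an argv
 * array. No shell is involved, so the value can only ever be an argument.
 * Returns -1 on rejection or failure, otherwise the client's exit status. */
int set_ntp_server_hardened(const char *host) {
    if (!is_valid_ntp_host(host)) return -1;  /* report an error to the UI and log it */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* binary path and flags are assumptions for the example */
        char *const argv[] = { "ntpclient", "-h", (char *)host, "-s", NULL };
        execv("/usr/sbin/ntpclient", argv);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* constructed sample field values: two legitimate, three that must be rejected */
    const char *samples[] = { "time.example.org", "10.0.0.1",
                              "time.example.org;id", "a b", "-bad.example" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-24s -> %s\n", samples[i],
               is_valid_ntp_host(samples[i]) ? "accepted" : "rejected");
    (void)set_ntp_server_vulnerable;  /* deliberately unused */
    return 0;
}
```

The two changes work together: the allow-list keeps metacharacters out of the value, and execv() removes the shell from the path entirely, so a validation gap cannot turn into command execution.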
Weakness Enumeration
Command Injection
Affected Products
Netgear R6020