CVE-2023-27358

Name of the Vulnerable Software and Affected Versions NETGEAR RAX30 versions (affected versions not specified) NETGEAR RAX35 versions (affected versions not specified) NETGEAR RAX38 versions (affected versions not specified) NETGEAR RAX40 versions (affected versions not specified) NETGEAR RAXE300 versions (affected versions not specified)

Description This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR routers. The flaw exists within the handling of specific SOAP requests, resulting from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this to execute arbitrary code in the context of the service account. Authentication is not required to exploit this issue.

Recommendations For NETGEAR RAX30, consider disabling the handling of SOAP requests until a patch is available. For NETGEAR RAX35, restrict access to the SQL query construction functionality to minimize the risk of exploitation. For NETGEAR RAX38, avoid using user-supplied strings in SQL queries until the issue is resolved. For NETGEAR RAX40, as a temporary workaround, consider limiting the service account privileges until a patch is available. For NETGEAR RAXE300, at the moment, there is no information about a newer version that contains a fix for this issue.