CVE-2024-52022

Name of the Vulnerable Software and Affected Versions Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128

Description A command injection vulnerability was discovered in the wlg adv.cgi component of Netgear routers, specifically via the apmode gateway parameter. This issue allows attackers to execute arbitrary OS commands by sending a crafted request. The vulnerability is related to the lack of input data sanitization at the management level when processing the apmode gateway parameter, which can be exploited by a remote attacker to execute arbitrary commands.

Recommendations For Netgear R8500 version 1.0.2.160, update to a newer version that contains a fix for this issue. For Netgear XR300 version 1.0.3.78, update to a newer version that contains a fix for this issue. For Netgear R7000P version 1.3.3.154, update to a newer version that contains a fix for this issue. For Netgear R6400 v2 version 1.0.4.128, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the wlg adv.cgi component and the apmode gateway parameter to minimize the risk of exploitation.