Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Tue, 23 Sep 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Netgear dgn2200b Firmware
|
|
CPEs | cpe:2.3:h:netgear:dgn2200b:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Netgear dgn2200b Firmware
|
|
Metrics |
cvssV3_1
|
Wed, 06 Aug 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 04 Aug 2025 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Netgear
Netgear dgn2200b |
|
Vendors & Products |
Netgear
Netgear dgn2200b |
Fri, 01 Aug 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored. | |
Title | Netgear Routers pppoe.cgi RCE | |
Weaknesses | CWE-78 | |
References |
|
|
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2025-08-06T14:22:09.688Z
Reserved: 2025-08-01T17:22:29.909Z
Link: CVE-2013-10060

Updated: 2025-08-06T14:21:51.382Z

Status : Analyzed
Published: 2025-08-01T21:15:28.163
Modified: 2025-09-23T17:07:29.847
Link: CVE-2013-10060

No data.

Updated: 2025-08-04T08:49:33Z