ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 04 Feb 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-03-07'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-07-30T01:46:32.513Z

Reserved: 2017-02-18T00:00:00.000Z

Link: CVE-2017-6077

cve-icon Vulnrichment

Updated: 2024-08-05T15:18:49.773Z

cve-icon NVD

Status : Deferred

Published: 2017-02-22T23:59:00.190

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-6077

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.