Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T01:40:15.309Z

Reserved: 2019-10-09T00:00:00

Link: CVE-2019-17373

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-10-09T13:15:20.193

Modified: 2024-11-21T04:32:12.537

Link: CVE-2019-17373

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.