CVE-2024-51011

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024

CWE ID 120

Summary

CVE-2024-51010 is a command injection vulnerability affecting select Netgear routers, including the R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128. The issue resides in the ap_mode.cgi component and can be exploited through the apmode_gateway parameter. Successful attacks allow adversaries to execute arbitrary OS commands, potentially leading to significant security risks and unauthorized system access. Users are advised to apply patches or updates as soon as they become available to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7SE3V
https://www.cve.org/CVERecord?id=CVE-2024-51011
https://nvd.nist.gov/vuln/detail/CVE-2024-51011

Back to Vulnerability Database

CVE-2024-51011

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations