CVE-2024-35519 | Severity.io

Description

Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.

Related CPE's

netgear

Vulnerable

Vulnerable

Vulnerable

References

https://github.com/consrc/cves/blob/main/CVE-2024-35519.md

Third Party Advisory

Weaknesses

[email protected]

Primary

CWE-77

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary

CWE-78

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.4 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2024-10-14T20:15:03.543Z

1 year ago

Last modified

2025-03-17T15:15:21.827Z

1 year ago