CVE-2024-30568 Scanner
CVE-2024-30568 Scanner - Command Injection vulnerability in Netgear R6850 Router
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
24 days 22 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
The Netgear R6850 Router is widely used in residential and small office settings as it provides connectivity options for various devices. It is manufactured by Netgear, a global networking company known for delivering innovative networking solutions. Designed to support seamless internet access, this router often serves as a critical component of local networks. The R6850 model is valued for its reliability and ease of configuration, making it popular among non-technical users. It features wireless and ethernet connections, ensuring versatility across different network environments.
However, the R6850 router contains a significant command injection vulnerability. This vulnerability allows unauthorized users to inject and execute arbitrary system commands. It is specifically present in the 'ping_test' functionality, exploitable through the c4_IPAddr parameter. This issue poses a severe security risk as it enables remote code execution with root-level privileges.
Technical analysis has identified the c4_IPAddr parameter of the ping_test function as the vulnerable endpoint. Attackers can craft special requests to exploit this vulnerability, with the potential to control and manipulate the command line interface. The vulnerability supports command chaining, allowing for extensive and unrestricted command execution. Successful exploitation requires no authentication, significantly increasing the risk factor associated with the router.
When exploited, the command injection vulnerability could have severe consequences. Attackers could deliver and execute malicious software, deploy backdrops, capture sensitive data, or entirely disrupt router operations. Such exploitation might lead to unauthorized network access, anonymity compromise, and additional propagation of malware within the connected network.
REFERENCES
