CVE-2024-30568 Scanner

CVE-2024-30568 Scanner - Command Injection vulnerability in Netgear R6850 Router

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

24 days 22 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

The Netgear R6850 Router is widely used in residential and small office settings as it provides connectivity options for various devices. It is manufactured by Netgear, a global networking company known for delivering innovative networking solutions. Designed to support seamless internet access, this router often serves as a critical component of local networks. The R6850 model is valued for its reliability and ease of configuration, making it popular among non-technical users. It features wireless and ethernet connections, ensuring versatility across different network environments.

However, the R6850 router contains a significant command injection vulnerability. This vulnerability allows unauthorized users to inject and execute arbitrary system commands. It is specifically present in the 'ping_test' functionality, exploitable through the c4_IPAddr parameter. This issue poses a severe security risk as it enables remote code execution with root-level privileges.

Technical analysis has identified the c4_IPAddr parameter of the ping_test function as the vulnerable endpoint. Attackers can craft special requests to exploit this vulnerability, with the potential to control and manipulate the command line interface. The vulnerability supports command chaining, allowing for extensive and unrestricted command execution. Successful exploitation requires no authentication, significantly increasing the risk factor associated with the router.

When exploited, the command injection vulnerability could have severe consequences. Attackers could deliver and execute malicious software, deploy backdrops, capture sensitive data, or entirely disrupt router operations. Such exploitation might lead to unauthorized network access, anonymity compromise, and additional propagation of malware within the connected network.

REFERENCES

Get started to protecting your digital assets