Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
References
| Link | Resource |
|---|---|
| https://github.com/consrc/cves/blob/main/CVE-2024-35519.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
16 Oct 2024, 17:17
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/consrc/cves/blob/main/CVE-2024-35519.md - Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
| CWE | CWE-77 | |
| CPE | cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:* |
|
| First Time |
Netgear ex3700 Firmware
Netgear ex6100 Netgear ex6120 Netgear ex6100 Firmware Netgear ex6120 Firmware Netgear Netgear ex3700 |
15 Oct 2024, 12:57
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
14 Oct 2024, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-10-14 22:15
Updated : 2024-10-16 17:17
NVD link : CVE-2024-35519
Mitre link : CVE-2024-35519
CVE.ORG link : CVE-2024-35519
JSON object : View
Products Affected
netgear
- ex6120_firmware
- ex6100_firmware
- ex6120
- ex3700_firmware
- ex6100
- ex3700
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')