CVE-2017-6334 - NETGEAR DGN2200 Devices OS Command Injection Vulnerability
Project:NETGEAR
Product:DGN2200 Devices
Date Added:2022-03-25Due Date:2022-04-15
Vulnerability Name
NETGEAR DGN2200 Devices OS Command Injection Vulnerability
Description
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands
Known To Be Used in Ransomware Campaigns?
Unknown
Action
The impacted product is end-of-life and should be disconnected if still in use.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-6334