admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create Netgear_Devices_boardDataWW.php_Unauthenticated_Remote_Command_Execution.md

Browse Source 
add Netgear_Devices_boardDataWW.php_Unauthenticated_Remote_Command_Execution.md
This commit is contained in:
Goby 2023-07-31 10:33:45 +08:00 committed by GitHub
parent 8c78e6dbfb
commit acc58c8a96
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Netgear_Devices_boardDataWW.php_Unauthenticated_Remote_Command_Execution.md Normal file
View File

@ -0,0 +1,12 @@
## Netgear Devices boardDataWW.php Unauthenticated Remote Command Execution
| **Vulnerability** | **Netgear Devices boardDataWW.php Unauthenticated Remote Command Execution** |
| :----: | :-----|
| **Chinese name** | Netgear 多款设备 boardDataWW.php 文件命令执行漏洞 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [title=="Netgear"](https://en.fofa.info/result?qbase64=dGl0bGU9PSJOZXRnZWFyIg%3D%3D) |
| **Number of assets affected** | 556 |
| **Description** | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. |
| **Impact** | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. |
![](https://s3.bmp.ovh/imgs/2023/07/31/4509202e858461b5.gif)