## Netgear Devices boardDataWW.php Unauthenticated Remote Command Execution

|   **Vulnerability**  | **Netgear Devices boardDataWW.php Unauthenticated Remote Command Execution**  |
| :----:   | :-----|
|  **Chinese name**  | Netgear 多款设备 boardDataWW.php 文件命令执行漏洞 |
| **CVSS core**  | 9.8 |
| **FOFA Query**  (click to view the results directly)| [title=="Netgear"](https://en.fofa.info/result?qbase64=dGl0bGU9PSJOZXRnZWFyIg%3D%3D) |
| **Number of assets affected**  | 556 |
| **Description**  | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. |
| **Impact** | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. |

![](https://s3.bmp.ovh/imgs/2023/07/31/4509202e858461b5.gif)