Vulnerability Details CVE-2013-10060
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.0%
CVSS Severity
CVSS v3 Score 7.2
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb
- https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015
- https://www.exploit-db.com/exploits/24513
- https://www.exploit-db.com/exploits/24974
- https://www.vulncheck.com/advisories/netgear-legacy-routers-rce
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb
- https://web.archive.org/web/20170422033239/http://www.s3cur1ty.de/m1adv2013-015
- https://www.exploit-db.com/exploits/24513
- https://www.exploit-db.com/exploits/24974
Products affected by CVE-2013-10060
-
cpe:2.3:h:netgear:dgn2200b:-
-
cpe:2.3:o:netgear:dgn2200b_firmware:-
-
cpe:2.3:o:netgear:dgn2200b_firmware:1.0.0.102
-
cpe:2.3:o:netgear:dgn2200b_firmware:1.0.0.58
-
cpe:2.3:o:netgear:dgn2200b_firmware:1.0.0.82
-
cpe:2.3:o:netgear:dgn2200b_firmware:1.0.0.94
-
cpe:2.3:o:netgear:dgn2200b_firmware:1.0.0.96