Vulnerability Details CVE-2023-33532
There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.303
EPSS Ranking 96.4%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-33532
-
cpe:2.3:h:netgear:r6250:-
-
cpe:2.3:o:netgear:r6250_firmware:1.0.4.48