Vulnerability Details CVE-2024-35522
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 and ap_24g_manual_sec set to NotNone.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.3%
CVSS Severity
CVSS v3 Score 8.4
Products affected by CVE-2024-35522
-
cpe:2.3:h:netgear:ex3700:-
-
cpe:2.3:o:netgear:ex3700_firmware:-
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.64
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.66
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.70
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.72
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.76
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.84
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.90
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.94
-
cpe:2.3:o:netgear:ex3700_firmware:1.0.0.96