The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NNetgear Ac1200 R6220
HWNetgearwszystkie wersjeNetgear Ac1200 R6220 Firmware
OSNetgear1.1.0.112_1.0.11.1.0.114_1.0.1
Related vulnerabilities
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NET...
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0...
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php ...
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execu...