Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.
An attacker can inject malicious system commands via the c4-IPAddr parameter, which is not properly validated or filtered by the device software. Based on the parameter name and references pointing to the ping_test function, the vulnerability likely relates to the router's diagnostic functionality. A crafted network request containing a command injection payload can be executed with the privileges of the process handling the given parameter.
A remote, unauthenticated attacker can execute arbitrary system commands on the device, leading to complete takeover of the router, including violations of confidentiality, integrity, and availability of data and the network.
Patches available from the manufacturer should be applied according to references (https://www.netgear.com/about/security/). Until an update is applied, it is recommended to restrict access to the device's administrative interface only from trusted hosts and to disable remote access to the management panel.
Netgear R6850 with firmware version 1.1.0.88
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNetgear R6850
HWNetgearwszystkie wersjeNetgear R6850 Firmware
OSNetgear1.1.0.88
Related vulnerabilities
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 bef...
Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 befor...
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 ...
An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive info...