CVE-2024-12847
Last modified
CVE-2024-12847 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. EPSS estimates a 28.99% chance of exploitation in the next 30 days.
Description
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Dgn1000 Firmware | < 1.1.00.48 |
References
- https://seclists.org/bugtraq/2013/Jun/8Mailing List, Third Party Advisory
- https://vulncheck.com/advisories/netgear-dgnVendor Advisory
- https://www.exploit-db.com/exploits/25978Exploit, Third Party Advisory, VDB Entry
- https://www.exploit-db.com/exploits/43055Exploit, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-12847?
How severe is CVE-2024-12847?
How do I fix CVE-2024-12847?
Are you affected by CVE-2024-12847?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST