Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
References
Link | Resource |
---|---|
https://github.com/consrc/cves/blob/main/CVE-2024-35519.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
16 Oct 2024, 17:17
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:* |
|
References | () https://github.com/consrc/cves/blob/main/CVE-2024-35519.md - Third Party Advisory | |
CWE | CWE-77 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
First Time |
Netgear ex6120
Netgear ex3700 Firmware Netgear ex3700 Netgear ex6100 Firmware Netgear Netgear ex6120 Firmware Netgear ex6100 |
15 Oct 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
14 Oct 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-14 22:15
Updated : 2024-10-16 17:17
NVD link : CVE-2024-35519
Mitre link : CVE-2024-35519
CVE.ORG link : CVE-2024-35519
JSON object : View
Products Affected
netgear
- ex3700
- ex6120
- ex6100
- ex3700_firmware
- ex6120_firmware
- ex6100_firmware
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')