Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.50, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.1.62, and RAX80 before 1.0.1.62.
Metrics
CVSS Version: 3.1 |
Base Score: 6.1 MEDIUM Vector: CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:R
l➤ Exploitability Metrics: Attack Vector (AV)* LOCAL Attack Complexity (AC)* LOW Privileges Required (PR)* HIGH User Interaction (UI)* REQUIRED Scope (S)* UNCHANGED
l➤ Impact Metrics: Confidentiality Impact (C)* HIGH Integrity Impact (I)* HIGH Availability Impact (A)* LOW
Weakness Enumeration (CWE)
CWE-ID: CWE Name: n/a Source: n/a
Common Attack Pattern Enumeration and Classification (CAPEC)