CVE-2024-23690

High CVSS: 7.2

The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted "util backup_configuration" commands.

Vendor

Product

CWE

CWE-78

Yayın Tarihi

2025-02-04 15:15:17

Güncelleme

2025-02-04 15:15:17

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-78 HIGH 2025

Referanslar

https://vulncheck.com/advisories/netgear-fvs336g-rce