NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.
Software | From | Fixed in |
---|---|---|
netgear / prosafe_wc9500_firmware | 5.1.0.17 | 5.1.0.17.x |
netgear / prosafe_wc7600_firmware | 5.1.0.17 | 5.1.0.17.x |
netgear / prosafe_wc7520_firmware | 2.5.0.35 | 2.5.0.35.x |