CVE-2021-41383

September 29, 2021

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field.

Summary:

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field.

Reference Links(if available):

  • https://j-o-e-l-s.github.io/2021/09/15/Hacking-The-Netgear-R6020.html

  • CVSS Score (if available)

    v2: / LOW

    v3: /

    Links to Exploits(if available)

  • You may have missed

    image

    [LOCKBIT3] – Ransomware Victim: madison-home[.]com

    November 22, 2024
    image

    [CHORT] – Ransomware Victim: sheboyganwi[.]gov

    November 22, 2024
    image

    [QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

    November 22, 2024
    image

    [QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

    November 22, 2024
    image

    [QILIN] – Ransomware Victim: LBCO Contracting LTD

    November 22, 2024