Description: Netgear EX3700 ‘ AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 and ap_24g_manual_sec set to NotNone.
CVE-2024-35522
Published Date: 2024-10-11T22:15:04.117
Last Modified: 2024-10-11T22:15:04.117
CVSS Score: 8.4 (HIGH)
EPSS Score: 0.04%
Risk Score: 5.88 (HIGH)
Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.
CVSS:
8.4 |
EPSS:
0.04%
Mitre ATT&CK Technical v15.1
T1053.002 – At
Technical Analysis & Mitigation Measures
1. Technical Attack Analysis:
– The authenticated command injection vulnerability in Netgear EX3700 allows an attacker with valid credentials to execute arbitrary commands on the device through the manipulation of the `ap_mode` parameter.
– Exploitation can lead to unauthorized access to sensitive device configurations, manipulation of network settings, and potential pivoting to other devices within the network.
– Adversaries could leverage this vulnerability to install malware, create backdoors, or conduct further attacks on the internal network.
– The attack technique T1053.002 (Scheduled Task/Job – At) suggests that an attacker could schedule malicious tasks to execute at specified times, maintaining persistence on the device.
2. Mitigation Measures:
– Update the device firmware to the latest version (1.0.0.98 or later).
– Implement strong, unique passwords for device access.
– Limit access to the device management interface by IP whitelisting.
– Disable remote management features if not necessary.
– Regularly monitor device logs for unusual activity.
– Conduct periodic security assessments of network devices.
– Educate users about the risks of using default credentials and the importance of changing them.
The content above is generated by AI. Please review and consider carefully before applying!
Reference Links
Vendor - Produce - Version
None
Disclaimer
The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.