Home

Description

dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.

PUBLISHED Reserved 2017-02-26 | Published 2017-03-06 | Updated 2026-01-12 | Assigner mitre

CISA Known Exploited Vulnerability

Date added 2022-03-25 | Due date 2022-04-15

The impacted product is end-of-life and should be disconnected if still in use.

References

www.securityfocus.com/bid/96463 (96463) vdb-entry

www.exploit-db.com/exploits/41459/ (41459) exploit

www.exploit-db.com/exploits/41472/ (41472) exploit

www.exploit-db.com/exploits/42257/ (42257) exploit

www.cisa.gov/...nerabilities-catalog?field_cve=CVE-2017-6334 government-resource

www.securityfocus.com/bid/96463 (96463) vdb-entry

www.exploit-db.com/exploits/41459/ (41459) exploit

www.exploit-db.com/exploits/41472/ (41472) exploit

www.exploit-db.com/exploits/42257/ (42257) exploit

cve.org (CVE-2017-6334)

nvd.nist.gov (CVE-2017-6334)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.