CVE-2025-4121
Netgear JWNR2000v2 cmd_wireless command injection
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Netgear JWNR2000v2 cmd_wireless command injection
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
In Netgear JWNR2000v2 1.0.0.11 wurde eine kritische Schwachstelle ausgemacht. Das betrifft die Funktion cmd_wireless. Durch das Beeinflussen des Arguments host mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden.
| 2025-04-30: | Advisory disclosed |
| 2025-04-30: | VulDB entry created |
| 2025-04-30: | VulDB entry last update |
yummysoup2 (VulDB User)
vuldb.com/?id.306601 (VDB-306601 | Netgear JWNR2000v2 cmd_wireless command injection)
vuldb.com/?ctiid.306601 (VDB-306601 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.560775 (Submit #560775 | Netgear JWNR2000v2 1.0.0.11 Command Injection)
github.com/..._injection-cmd_wireless-port_phy_set/README.md
www.netgear.com/
Support options
