WRITEUP #2854

Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044)

XSSArbitrary file readAuthentication bypassOS command injectionRCE

by@stereotype32(stypr)

Program

Netgear

Published

Mar 25, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://flattsecurity.medium.com/finding-bugs-to-trigger-unauthenticated-command-injection-in-a-netgear-router-psv-2022-0044-2b394fb9edc

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Studying 0days: How we hacked Anki, the world's most popular flashcard app

RCEComponents with known vulnerabilities

We hacked Anki - 0 day exploit from studying someone elses flashcards

RCEComponents with known vulnerabilities

Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents

RCEArbitrary file read

Built with ❤️ by Shubham Rawat