Vulnerabilities > CVE-2022-36429 - Hidden Functionality vulnerability in Netgear Rbs750 Firmware 4.6.8.5

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
netgear
CWE-912

Summary

A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
OS
Netgear
1
Hardware
Netgear
1

Common Weakness Enumeration (CWE)