Vulnerabilities > CVE-2025-28219 - Unspecified vulnerability in Netgear Dc112A Firmware 1.0.0.64

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

netgear

NVD

Published: 2025-03-28

Updated: 2025-05-02

Summary

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear Dc112A Firmware 1.0.0.64	1
Hardware	Netgear Netgear Dc112A -	1

References

https://github.com/IdaJea/IOT_vuln_1/blob/master/DC112A_V1.0.0.64/sub_69600.pdf