Vulnerabilities > Netgear > Gs110Tpp Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2021-33514 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field.
network
low complexity
netgear CWE-78
critical
9.8