Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value


Disclosure Date: March 15, 2017 (last updated June 05, 2020)
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware through allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.
Attacker Value


Disclosure Date: March 06, 2017 (last updated July 30, 2020)
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.