Test ID:	1.3.6.1.4.1.25623.1.0.103728
Category:	Web application abuses
Title:	Netgear DGN Devices Authentication Bypass/RCE Vulnerability (Jun 2013) - Active Check
Summary:	Netgear DGN devices are prone to an authentication bypass and a; remote command execution (RCE) vulnerability.
Description:	Summary: Netgear DGN devices are prone to an authentication bypass and a remote command execution (RCE) vulnerability. Vulnerability Insight: These vulnerabilities were known to be exploited by the IoT Botnet 'Reaper' in 2017. Vulnerability Impact: Attackers can leverage this vulnerability to bypass existing authentication mechanisms and execute arbitrary commands on the affected devices, with root privileges. Affected Software/OS: - Netgear DGN1000 devices versions prior to 1.1.00.48 - Netgear DGN2200 devices in version 1 - Other DGN device version / models might be affected as well Solution: - Netgear DGN1000: Update to version 1.1.00.48 or later - Netgear DGN2200: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. - Other DGN devices: Please contact the vendor for more information CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-12847
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.