CVE-2023-33532
Published: 06 June 2023
Summary
CVE-2023-33532 is a critical-severity Command Injection (CWE-77) vulnerability in Netgear R6250 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 5.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-33532 is a command injection vulnerability affecting the Netgear R6250 router running firmware version 1.0.4.48. The flaw, tracked under CWE-77, resides in the web management interface and permits an attacker to supply crafted parameters in POST requests that are executed by the underlying system.
An attacker who first obtains web management access can leverage the injection to execute arbitrary commands and escalate to shell-level privileges on the device. The vulnerability carries a CVSS 3.1 score of 9.8, reflecting network-accessible exploitation with no required user interaction or special privileges beyond initial management access.
The associated EPSS score rose from a low baseline after disclosure to a peak of 0.3026 on 2025-12-11 before receding to the current value of 0.1631, indicating a later surge in exploitation interest. Public references consist of Netgear product pages and a detailed proof-of-concept document hosted on GitHub that demonstrates the remote code execution path.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-37691
Vulnerability details
There is a command injection vulnerability in the Netgear R6250 router with firmware version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into POST request parameters, thereby gaining shell privileges.
- CWE(s): CWE-77 (Command Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet.