CVE-2024-35517
Published: 11 October 2024
Summary
CVE-2024-35517 is a high-severity Command Injection (CWE-77) vulnerability in Netgear Xr1000 Firmware. Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 6.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Netgear XR1000 firmware version 1.0.0.64 contains a command-injection vulnerability in the usb_remote_smb_conf.cgi endpoint. The flaw is triggered through the share_name parameter and is tracked as CWE-77. The issue received a CVSS 3.1 base score of 8.4, reflecting adjacent-network access, low attack complexity, and high-privileged authentication requirements that nevertheless permit impacts across confidentiality, integrity, and availability with changed scope.
An attacker who already possesses administrative credentials and can reach the device over an adjacent network can supply a crafted share_name value that results in arbitrary command execution on the router. Successful exploitation grants the attacker the ability to read or modify sensitive data, alter device configuration, or disrupt router operation, with effects that may extend beyond the device itself because of the changed scope.
The single public reference is a GitHub repository entry that documents the vulnerability details; no vendor advisory or firmware patch information is supplied in the available data. The associated EPSS score has remained flat at 0.1090 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-35347
Vulnerability details
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The command injection vulnerability in the web CGI script (usb_remote_smb_conf.cgi) enables remote exploitation of a public-facing application on a network device, leading to arbitrary command execution via the device's CLI/shell.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.