CVE-2024-35520
Published: 14 October 2024
Summary
CVE-2024-35520 is a high-severity Command Injection (CWE-77) vulnerability in Netgear R7000 Firmware. Its CVSS base score is 8.4 (High).
Operationally, it ranks in the top 9.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Netgear R7000 firmware version 1.0.11.136 is affected by a command-injection flaw (CWE-77) in the RMT_invite.cgi endpoint. The vulnerability is triggered when an attacker supplies a crafted device_name2 parameter, allowing arbitrary operating-system commands to be executed on the device.
Exploitation requires adjacent-network access and high privileges, corresponding to the CVSS vector AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H. An authenticated administrator on the local network can therefore achieve full control over the router, including the ability to read or modify configuration data, install persistent malware, or disrupt network services.
The referenced Netgear security advisory PSV-2023-0154 describes the issue as post-authentication command injection and directs users to updated firmware that eliminates the vulnerable parameter handling in RMT_invite.cgi.
EPSS remains flat at 0.0536 with no upward movement since disclosure, indicating limited observed exploitation interest to date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-35350
Vulnerability details
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.