Cobalt Strike Malware – Active IOCs

November 6, 2024

Multiple D-Link DIR_823G Vulnerabilities

November 7, 2024

Multiple NETGEAR Products Vulnerabilities

November 6, 2024

Severity

High

Analysis Summary

CVE-2024-51022 CVSS:6.5

Netgear XR300 is vulnerable to a denial of service, caused by a stack-based buffer overflow using the ssid parameter in bridge_wireless_main.cgi. By sending a specially crafted POST request, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-51012 CVSS:6.5

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

CVE-2024-51009 CVSS:8.8

Netgear R8500 could allow a remote attacker from within the local network to execute arbitrary commands on the system, caused by a command injection vulnerability in the wan_gateway parameter at ether.cgi. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary OS commands on the system.

Impact

Denial of Service
Gain Access

Indicators of Compromise

CVE

CVE-2024-51022
CVE-2024-51012
CVE-2024-51009

Affected Vendors

NETGEAR

Affected Products

Netgear XR300 1.0.3.78
Netgear R8500 1.0.2.160

Remediation

Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.

NETGEAR Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us