July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple IBM Db2 Vulnerabilities
May 6, 2025Google Releases Patch for Actively Exploited Android System Flaw
May 6, 2025Multiple IBM Db2 Vulnerabilities
May 6, 2025Google Releases Patch for Actively Exploited Android System Flaw
May 6, 2025
Severity
High
Analysis Summary
CVE-2024-57229 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
CVE-2024-57230 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
CVE-2024-57231 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVE-2024-57232 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVE-2024-57233 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
CVE-2024-57234 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVE-2024-57235 CVSS:6.5
NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2024-57229
CVE-2024-57230
CVE-2024-57231
CVE-2024-57232
CVE-2024-57233
CVE-2024-57234
Affected Vendors
- NETGEAR
Affected Products
- NETGEAR RAX5 - V1.0.2.26
Remediation
Upgrade to the latest version of Netgear, available from the Netgear GIT Repository.