Multiple Netgear RAX5 Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-57229 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.

CVE-2024-57230 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.

CVE-2024-57231 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.

CVE-2024-57232 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.

CVE-2024-57233 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.

CVE-2024-57234 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.

CVE-2024-57235 CVSS:6.5

NETGEAR RAX5 (AX1600 WiFi Router) was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.

Impact

  • Gain Access

Indicators of Compromise

CVE

  • CVE-2024-57229

  • CVE-2024-57230

  • CVE-2024-57231

  • CVE-2024-57232

  • CVE-2024-57233

  • CVE-2024-57234

Affected Vendors

  • NETGEAR

Affected Products

  • NETGEAR RAX5 - V1.0.2.26

Remediation

Upgrade to the latest version of the NETGEAR RAX5 firmware, available from the Netgear GIT Repository.
