CVE-2022-30078 Information

Description

NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr ipv6_lan_ipaddr ipv6_wan_length or ipv6_lan_length parameters.

Reference

https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md https://www.netgear.com/about/security/ http://r6200v2.com