CVE-2022-46424 Information

Description

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier.

Reference

https://hackmd.io/@slASVrz_SrW7NQCsunofeA/B1rKQuzDj https://www.netgear.com/about/security/