Fortinet Discovers Netgear R8000 Command Injection in CGI Handler
Fortinet's FortiGuard Labs has discovered post authentication command injection in Netgear Nighthawk routers.
Netgear is a global computer networking company based in San Jose, California, in the United States. It produces networking hardware for consumers, businesses, and service providers.
There is command injection issue in wlg_adv.cgi CGI handler. The CGI handler allows attacker to set arbitrary device name into NVRAM that could leads to arbitrary system command execution.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released May 14, 2018
Users should apply latest update from the vendor
Fortinet reported the vulnerability to Netgear on 16, April 2018
Netgear confirmed the vulnerability on 26, April 2018
Netgear released patch for the vulnerability on 04, September 2019