CVE-2017-6334

Confirmed PUBLISHED

dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via...

NETGEAR · DGN2200
Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.8 High

At a Glance

dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.

cisa metasploit edge
CVE Published
Mar 06, 2017
Exploitation Reported
Mar 25, 2022
CVSS
8.8 High
EPSS
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • 41459 exploit-db.com · Exploit https://www.exploit-db.com/exploits/41459/
  • 41472 exploit-db.com · Exploit https://www.exploit-db.com/exploits/41472/
  • 42257 exploit-db.com · Exploit https://www.exploit-db.com/exploits/42257/
  • 96463 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/96463

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.