CVE-2024-54806

CRITICAL

9.8

Description

Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface.

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published3/31/2025

Last Modified4/17/2025

Sourcenvd

Honeypot Sightings0

Affected Products

netgear:wnr854tnetgear:wnr854t_firmware

Weaknesses (CWE)

CWE-94

References

https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#806(cve@mitre.org)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.