Description

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.

INFO

Published Date :

2025-01-10T19:36:36.675Z

Last Modified :

2026-04-07T14:08:27.802Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2024-12847 vulnerability.

Vendors Products
Netgear
  • Dgn1000
  • Dgn1000 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-12847.

URL Resource
https://seclists.org/bugtraq/2013/Jun/8 cve-icon cve-icon
https://vulncheck.com/advisories/netgear-dgn cve-icon cve-icon
https://www.exploit-db.com/exploits/25978 cve-icon cve-icon
https://www.exploit-db.com/exploits/43055 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact