CVE-2023-28337
N/A
N/A
Summary
When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | NETGEAR Nighthawk WiFi6 Router (RAX30) | All known versions | affected |
Weaknesses
- Signature Bypass
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.