CVE-2024-57046

nvd nist nuclei

Published: Feb 18, 2025Modified: Jul 7, 2025

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.

Affected (1)

Products: Netgear: Dgn2200 Firmware

1 product

Dgn2200 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Dgn2200 Firmware	Up to 1.0.0.46

Running on/with	Platform Versions
Netgear Dgn2200	All versions

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (2)

https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.netgear.com/about/security/

Source: cve@mitre.org

Vendor Advisory

Timeline

No history available yet.