A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product’s users or administrators.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rbs750_firmware | Netgear | 4.6.8.5 (including) | 4.6.8.5 (including) |