CVE-2024-12847
CRITICALCVSS v3
9.8
CRITICAL
EPSS Score
69.3%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.
Technical Details
- Published
- 1/10/2025
Frequently Asked Questions
What is CVE-2024-12847?
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.
Is CVE-2024-12847 actively exploited?
Active exploitation of CVE-2024-12847 has not been confirmed. The EPSS score is 69.3%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-12847?
CVE-2024-12847 has a CVSS v3 base score of 9.8 (CRITICAL severity).
Is CVE-2024-12847 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.