CVE-2009-0680

Netgear SSL312 - Denial of Service via Crafted Query String

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0680. PoCs published by Rembrandt.

AI-analyzed exploit summary This is a writeup describing a Denial of Service (DoS) vulnerability in the Netgear SSL312 VPN router. The issue is triggered by manipulating the URL path in the web interface, causing the device to crash and require a hard reboot.

Description

cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Rembrandt · textdoshardware
https://www.exploit-db.com/exploits/8008

This is a writeup describing a Denial of Service (DoS) vulnerability in the Netgear SSL312 VPN router. The issue is triggered by manipulating the URL path in the web interface, causing the device to crash and require a hard reboot.

Classification
Writeup 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Netgear SSL312 VPN router (proprietary CGI binary)
No auth needed
Prerequisites: Access to the web interface of the Netgear SSL312 VPN router
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2009-02/0084.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48605
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33675
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8008
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33896

Scores

EPSS 0.0841
EPSS Percentile 94.3%

Details

CWE
CWE-22
Status published
Products (1)
netgear/ssl312
Published Feb 22, 2009
Tracked Since Feb 18, 2026