CVE-2017-6077

CRITICAL KEV

NETGEAR DGN2200 Firmware < 10.0.0.50 - Authenticated OS Command Injection via ping_IPAddr Parameter

Title source: llm

Exploitation Summary

CVE-2017-6077 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 7, 2022. EIP tracks 1 public exploit from researchers including SivertPL.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in the ping.cgi endpoint of Netgear routers, allowing authenticated users to execute arbitrary commands via shell metacharacters in the ping_IPAddr parameter. The PoC spawns an interactive shell by chaining commands through the vulnerable endpoint.

Description

ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.

Exploits (1)

exploitdb WORKING POC

by SivertPL · pythonwebappshardware

https://www.exploit-db.com/exploits/41394

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in the ping.cgi endpoint of Netgear routers, allowing authenticated users to execute arbitrary commands via shell metacharacters in the ping_IPAddr parameter. The PoC spawns an interactive shell by chaining commands through the vulnerable endpoint.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Netgear routers (multiple firmware versions)

Auth required

Prerequisites: Network access to the router's web interface · Valid credentials (default or hardcoded)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6077

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/96408

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/41394/

Scores

CVSS v3 9.8

EPSS 0.6820

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable yes

Technical Impact total

Details

CISA KEV 2022-03-07

VulnCheck KEV 2020-01-08

InTheWild.io 2021-11-11

ENISA EUVD EUVD-2017-15144

CWE

CWE-78

Status published

Products (1)

netgear/dgn2200_firmware < 10.0.0.50

Published Feb 22, 2017

KEV Added Mar 07, 2022

Tracked Since Feb 18, 2026