CVE-2024-30568

CRITICAL NUCLEI

Netgear R6850 Firmware - Code Injection

Title source: rule

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.

Netgear R6850 V1.1.0.88 - Command Injection

CRITICALVERIFIEDby ritikchaddha

FOFA: app="NETGEAR" && "R6850"

CVSS v3 9.8

EPSS 0.9081

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-94

Status published

Products (1)

netgear/r6850_firmware 1.1.0.88

Published Apr 03, 2024

Tracked Since Feb 18, 2026