CVE-2024-57046

HIGH EXPLOITED NUCLEI

Netgear DGN2200 <v1.0.0.46 - Auth Bypass

Title source: llm

Description

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.

Nuclei Templates (1)

Netgear DGN2200 - Improper Authentication

HIGHVERIFIEDby ritikchaddha

Shodan: http.title:"DGN2200"

FOFA: title="NETGEAR DGN2200"

References (2)

[Exploit, Third Party Advisory] https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.md

View Exploit ZIP pw:eip

[Vendor Advisory] https://www.netgear.com/about/security/

Scores

CVSS v3 8.8

EPSS 0.5050

EPSS Percentile 97.9%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2026-04-12

CWE

CWE-287

Status published

Products (1)

netgear/dgn2200_firmware < 1.0.0.46

Published Feb 18, 2025

Tracked Since Feb 18, 2026