CVE-2023-51634

HIGH EPSS 42.1%

Published Nov 22, 20241y ago · Modified Jun 17, 20261w ago

7.5 CVSS 3.1

High

Published Nov 22, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19589.

CVSS Details

Base Score

7.5

Exploitability

1.6

Impact

5.9

Vector string

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector Adjacent

Attack Complexity High

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

42.1% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-295

Affected Products 2

Vendor	Product	Version	Range
netgear	rax30_firmware	*	<1.0.12.100_hotfix
netgear	rax30	*	any

References 2

kb.netgear.com https://kb.netgear.com/000065928/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2023-0139

Vendor Advisory
zerodayinitiative.com https://www.zerodayinitiative.com/advisories/ZDI-24-583/

Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.