QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6334

Back to search

CVE-2017-6334

Published: Mar 6, 2017

Modified: Jan 12, 2026

PUBLISHED

Description

dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.

VendorProductVersions

n/a

n/a

affected
n/a

References

96463
vdb-entry
x_refsource_BID
41459
exploit
x_refsource_EXPLOIT-DB
41472
exploit
x_refsource_EXPLOIT-DB
42257
exploit
x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now