漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Vulnerability Description
Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the device. Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update to the latest. Fixed in: RAX30 firmware 1.0.14.108 or later. RAXE300 firmware 1.0.9.82 or later
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
NETGEAR RAX30和NETGEAR RAXE300 安全漏洞
Vulnerability Description
NETGEAR RAX30和NETGEAR RAXE300都是美国网件(NETGEAR)公司的产品。NETGEAR RAX30是一个双频无线路由器。NETGEAR RAXE300是一款无线路由器。 NETGEAR RAX30和RAXE300存在安全漏洞,该漏洞源于固件更新逻辑中的证书验证不当,可能导致拦截和篡改流量的攻击者在设备上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A