CVE-2024-57046

high-risk

Published 2025-02-18

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.

Do I need to act?

56.0% chance of exploitation in next 30 days

EPSS score — higher than 44% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

ADJACENT_NETWORK / LOW complexity

Affected Products (1)

Dgn2200 Firmware

Affected Vendors

Netgear

References (2)

Exploit https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass...

Vendor Advisory https://www.netgear.com/about/security/

/ 100

high-risk

Severity 27/34 · High

Exploitability 18/34 · Moderate

Exposure 5/34 · Minimal