Security researchers have found vulnerability, which was classified as critical, on Netgear R8300 Wireless LAN Software.
The Nighthawk X8 AC5000 Smart WiFi Router’s Tri-Band WiFi and Quad Stream performance boosts its combined wireless speeds to up to 5 Gbps. Four external Active Antennas plus four internal antennas amplify WiFi range. Six Gigabit Ethernet ports means even more wired devices can connect and with Port Aggregation 2 ports can combine to double maximum wired speeds. Control your home network with voice commands using Amazon Alexa™ and the Google® Assistant
The manipulation with an unknown input leads to a privilege escalation vulnerability (Command Injection).
Using CWE to declare the problem leads to CWE-77 . Impacted is confidentiality, integrity, and availability.
The weakness was disclosed 09/01/2020. The identification of this vulnerability is CVE-2020-25067 since 09/01/2020. The attack needs to approached within the local network. No form of authentication is needed for a successful exploitation.
Upgrading to version 1.0.2.134 eliminates this vulnerability.