This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140.Ĭertain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.Ĭertain NETGEAR devices are affected by command injection by an unauthenticated attacker. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.Ĭertain NETGEAR devices are affected by command injection by an unauthenticated attacker.
![octopus lg 2.0.9 octopus lg 2.0.9](https://windows-cdn.softpedia.com/screenshots/WAMP5_4.png)
The Le-yan dental management system contains an SQL-injection vulnerability.
![octopus lg 2.0.9 octopus lg 2.0.9](https://distrowatch.com/images/ktyxqzobhgijab/freebsd.png)
Addressed this vulnerability by disabling checks for internet connectivity using HTTP.
![octopus lg 2.0.9 octopus lg 2.0.9](https://i.ytimg.com/vi/SI38gJIq6ZE/maxresdefault.jpg)
A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call.