Cyber Posture

CVE-2024-57046

HighPublic PoC

Published: 18 February 2025

Published
18 February 2025
Modified
07 July 2025
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.5050 97.9th percentile
Risk Priority 48 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Security Summary

CVE-2024-57046 is an authentication bypass vulnerability (CWE-287) in the Netgear DGN2200 router running firmware version v1.0.0.46 and earlier. The flaw allows unauthorized individuals to circumvent authentication by appending "?x=1.gif" to any requested URL, causing the router to treat the request as authenticated.

Attackers on an adjacent network (AV:A) can exploit this with low complexity (AC:L), no required privileges (PR:N), and no user interaction (UI:N). Successful exploitation provides high-impact access to confidentiality, integrity, and availability (C:H/I:H/A:H), with a CVSS v3.1 base score of 8.8, enabling potential full administrative control of the device.

Advisories and mitigation guidance are detailed in the GitHub security report at https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/DGN2200/ACL%20bypass%20Vulnerability%20in%20Netgear%20DGN2200.md and on Netgear's security portal at https://www.netgear.com/about/security/.

Details

CWE(s)
CWE-287

Affected Products

netgear
dgn2200 firmware
≤ 1.0.0.46

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

The CVE describes an authentication bypass vulnerability in the Netgear DGN2200 router's web management interface via a URL parameter (?x=1.gif), enabling exploitation of a public-facing application to gain unauthorized administrative access.

References