Critical Vulnerability Information Product Information Device: NETGEAR RAX5 Firmware Version: V1.0.2.26 Manufacturer Website: https://www.netgear.com/ Firmware Download Links: - https://www.downloads.netgear.com/files/GDC/RAXS/RAX5_V1.0.2.26_1.zip - https://www.netgear.com/support/download/model=RAX5 Vulnerability Description A command injection vulnerability exists in the function within the file , which takes the parameter as input. Relevant code snippet: Entry point: Exploit Payload This vulnerability can be triggered by injecting a command such as using the following payload: After injection, the result can be verified.