Technical Severity
CRITICALCVSS v3.1 Metrics
9.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitation Likelihood
EPSS Prediction
98.32
%
Predictive Probability
Percentile Rank
99.9
th
Documented as more likely to be exploited than 99.9% of known CVEs.
Detection Date
Mar 25, 2022
Remediation Due
Apr 15, 2022
CISA Catalog Active
Threat Analysis
Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.
Remediation Directive
Apply updates per vendor instructions.