Posted by Pedro Ribeiro on Dec 21

Hi,

tl;dr
RCE in NETGEAR WNR2000 routers, exploitable over the LAN by default or
over the WAN if remote administration is enabled.
10.000 devices affected show up in Shodan – these are the ones with
remote admin enabled. There are likely tens of thousands of vulnerable
routers in private LANs as this device is extremely popular.

As usual, NETGEAR did not respond to any of my emails, so I’m releasing
this advisory and exploit code as a…