Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.58 and R7500v2 before 1.0.3.48.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26909
Reference (s):
- https://kb.netgear.com/000062344/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0163