NETGEAR is aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface. A remote attacker can potentially inject arbitrary commands which are then executed by the system.
NETGEAR has tested the following products and confirmed that they are vulnerable: All products followed by a single asterisk (*) have beta firmware fixes available. All products followed by three asterisks (***) have production firmware fixes available.
R6250* R6400*** R6700* R6900* R7000*** R7100LG* R7300DST* R7900* R8000*** D6220* D6400*
The D7000 was previously included in a list of models that were affected by this security vulnerability. However, NETGEAR has tested and confirmed that the D7000 is not affected by this command injection vulnerability.