CVE•Published 2025-01-10•1 article on news•7 live references•NVD data
CVE-2024-12847
Vulnerability data via CVEDB (Shodan)
CVSS v3.1
9.8
CRITICAL
EPSS percentile
98
Exploit Prediction Scoring System · top 2% of all CVEs
Description
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.
Timeline
Published 2025-01-10
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
More intel sources (5)
Shodan report
vuln:CVE-2024-12847Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2024-12847Censys host search filtered to this CVE id.
grep.app
CVE-2024-12847Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2024-12847GitHub code search for direct mentions.
Google dork
"CVE-2024-12847" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (2)
CVE-2024-128472 repos
zmap/zannotateGo
Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
mrhenrike/EmbedXPL-ForgePython
Embedded Device Security Assessment Framework — 700 modules, 350 CVEs, 55 vendors, APT Group Engine. Covers routers, IP cameras, GPON ONTs, ISP CPEs, IoT/embedded edge.