An unpatched vulnerability in some Netgear routers allows hackers to execute arbitrary shell commands, and the vulnerability was notified to Netgear back in April.

The U.S. CERT Coordination Center (CERT/CC) at Carnegie Mellon University rated the flaw as critical, assigning it a score of 9.3 out of 10 in the Common Vulnerability Scoring System (CVSS).

[pcworld.com...]

Netgear confirmed the vulnerability on R7000, R6400 and R8000 routers, but security researchers indicated the vulnerability may also affect R7000, R7000P, R7500, R7800, R8500 and R9000 routers.