Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.Referenceshttps://kb.netgear.com/000063019/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Routers-PSV-2020-0530
