CVE-2023-28338 (rax30_firmware)

Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type� of “multipartboundary=� will result in the request body being written to “/tmp/mulipartFile� on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting in the device becoming unusable until it is rebooted.

body cve device file large large file netgear nighthawk request resources result router send service web