An expert found flaws in NETGEAR WNR2000 routers that could be remotely exploited by an attacker to take full control of the affected device. Security expert Pedro Ribeiro has already discovered around 10,000 vulnerable devices with the remote admin enabled that are affected by an RCE flaw. The vulnerability allows an administrator to perform sensitive actions by invoking the CGI apply. CGI URL on the web server on the device. The researcher also discovered that it is possible to invoke other functions (i.e. Changing Internet WLAN settings or retrieving the admin password) by sending a timestamp variable attached to the URL.”]
Source: https://securityaffairs.co/wordpress/54647/hacking/netgear-wnr2000-routers-flaw.html