The bug is in the Netgear WNDR3700v4 router, a home dual-band gigabit router. The vulnerability is a command-injection flaw that, when combined with a separate authentication-bypass bug that the same researcher discovered, can give an attacker root access to vulnerable routers. The bug affects versions 1.0.1.11.32 and 1.42 of the router s firmware. The best mitigation for affected users is to disable remote administration on their routers.
Source: https://threatpost.com/some-netgear-routers-open-to-remote-authentication-bypass-command-injection/102689/