CVE-2019-17049

NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account.
Source: NIST
CVE-2019-17049