18.104.22.168_1.1.79 is vulnerable. As I had one laying around, plugged it in and it would execute code when I shot it the url.
Updated to V22.214.171.124_1.1.93 also vulnerable.
Kills the httpd demon and doesn't allow remote execution (or web management) until rebooted, where router-adress is the netgear. That is work around enough.