126.96.36.199_1.1.79 is vulnerable. As I had one laying around, plugged it in and it would execute code when I shot it the url.
Updated to V188.8.131.52_1.1.93 also vulnerable.
Kills the httpd demon and doesn't allow remote execution (or web management) until rebooted, where router-adress is the netgear. That is work around enough.