Lucene search

[email protected]CVE-2009-0680

HistoryFeb 22, 2009 - 10:30 p.m.

CVE-2009-0680

2009-02-2222:30:01

CWE-22

[email protected]

web.nvd.nist.gov

netgear

ssl312

cve-2009-0680

denial of service

web interface

vulnerability

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.022 Low

EPSS

Percentile

89.4%

JSON

cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences.

Affected configurations

NVD

Node

netgearssl312Match-

CPENameOperatorVersion
netgear:ssl312netgear ssl312eq-

CPE	Name	Operator	Version
netgear:ssl312	netgear ssl312	eq	-

References

archives.neohapsis.com/archives/fulldisclosure/2009-02/0084.html

secunia.com/advisories/33896

www.helith.net/txt/netgear_ssl312_remote_dos.txt

www.securityfocus.com/bid/33675

exchange.xforce.ibmcloud.com/vulnerabilities/48605

www.exploit-db.com/exploits/8008

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.022 Low

EPSS

Percentile

89.4%

JSON

Related for CVE-2009-0680

cvelist1 prion1 nvd1