History: Nov 29, 2023 - 10:47 p.m.

CVE-2023-49694 NETGEAR ProSAFE Network Management System Privilege Escalation Via MySQL Server

2023-11-29 22:47:42
CWE-284
tenable
www.cve.org
Tags: cve-2023-49694, netgear, prosafe, network management system, privilege escalation, mysql server, windows host, jsp files, tomcat web application directory, security context, system

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 9.0%

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "NETGEAR ProSAFE Network Management System",
    "vendor": "NETGEAR",
    "versions": [
      {
        "lessThan": "1.7.0.34",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]
