CVE-2013-4775
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
97.8%
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted administrator credentials and other startup configurations via a direct request to filesystem/startup-config.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netgear | prosafe_firmware | 5.3.0.17 | cpe:2.3:o:netgear:prosafe_firmware:5.3.0.17:*:*:*:*:*:*:* |
| netgear | prosafe_gs725ts | - | cpe:2.3:h:netgear:prosafe_gs725ts:-:*:*:*:*:*:*:* |
| netgear | prosafe_gs728tps | - | cpe:2.3:h:netgear:prosafe_gs728tps:-:*:*:*:*:*:*:* |
| netgear | prosafe_gs728ts | - | cpe:2.3:h:netgear:prosafe_gs728ts:-:*:*:*:*:*:*:* |
| netgear | prosafe_gs752tps | - | cpe:2.3:h:netgear:prosafe_gs752tps:-:*:*:*:*:*:*:* |
| netgear | prosafe_firmware | * | cpe:2.3:o:netgear:prosafe_firmware:*:*:*:*:*:*:*:* |
| netgear | prosafe_firmware | 5.0.4.4 | cpe:2.3:o:netgear:prosafe_firmware:5.0.4.4:*:*:*:*:*:*:* |
| netgear | prosafe_firmware | 5.4.0.6 | cpe:2.3:o:netgear:prosafe_firmware:5.4.0.6:*:*:*:*:*:*:* |
| netgear | prosafe_firmware | 5.4.1.10 | cpe:2.3:o:netgear:prosafe_firmware:5.4.1.10:*:*:*:*:*:*:* |
| netgear | prosafe_gs724t | v3 | cpe:2.3:h:netgear:prosafe_gs724t:v3:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
97.8%