188 matches found
CVE-2023-49694
A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...
NETGEAR 访问控制错误漏洞
NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Vulnerability
NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the getNodesByTopologyMapSearch function, which can be exploited by an attacker to obtain sensitive information or...
NETGEAR ProSAFE Network Management System clearAlertByIds Function SQL Injection Vulnerability
NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the clearAlertByIds function and can be exploited by an attacker to obtain sensitive information or execute arbitra...
NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the clearAlertByIds function. The issue results from the lack of prop...
NETGEAR ProSAFE Network Management System Authentication Bypass (CVE-2023-38096)
Binary data netgearnmszdi-23-920.nbin...
Metasploit Weekly Wrap-Up
Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module targeting Apache NiFi as well as a new and improved library to interact wi...
PT-2023-7060 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...
PT-2023-7114 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is require...
PT-2023-7963 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the saveNodeLabel method in the NETGEAR ProSAFE Network Management System, which lacks proper validation of user-supplied data. Thi...
NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MyHandlerInterceptor class. The issue results from improper...
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...
NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Unspecified Vulnerability in NETGEAR ProSAFE FS726TP
The NETGEAR ProSAFE FS726TP is a smart switch. A security vulnerability exists in the NETGEAR ProSAFE FS726TP that originates when an unspecified endpoint in the switch's web server fails to properly authenticate a user's identity, allowing configuration pages with passwords to be downloaded to t...
Netgear ProSAFE FS726TP 安全漏洞
The NETGEAR ProSAFE FS726TP is a smart switch. A security vulnerability exists in the NETGEAR ProSAFE FS726TP that originates when an unspecified endpoint in the switch's web server fails to properly authenticate a user's identity, allowing configuration pages with passwords to be downloaded to t...
CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...
PT-2023-3790 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to an unrestricted file upload vulnerability in the UpLoadServlet class, which can be exploited by remote attackers to execute arbitra...
PT-2023-3787 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Although authentication is required to exploit this, the existing...
PT-2023-3792 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Although authentication is required to exploit this issue, the existin...
PT-2023-3791 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authenticatio...