Lucene search
K

188 matches found

osv
osv
added 2023/11/29 11:15 p.m.4 views

CVE-2023-49694

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...

7.8CVSS6AI score0.00537EPSS
Exploits1References2
cnnvd
cnnvd
added 2023/11/29 12:0 a.m.12 views

NETGEAR 访问控制错误漏洞

NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...

7.8CVSS6.9AI score0.00537EPSS
Exploits1References3
cnvd
cnvd
added 2023/11/27 12:0 a.m.2 views

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Vulnerability

NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the getNodesByTopologyMapSearch function, which can be exploited by an attacker to obtain sensitive information or...

8.8CVSS8.9AI score0.53563EPSS
Exploits0References1
cnvd
cnvd
added 2023/11/27 12:0 a.m.1 views

NETGEAR ProSAFE Network Management System clearAlertByIds Function SQL Injection Vulnerability

NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the clearAlertByIds function and can be exploited by an attacker to obtain sensitive information or execute arbitra...

8.8CVSS8.9AI score0.52562EPSS
Exploits0References1
zdi
zdi
added 2023/11/20 12:0 a.m.38 views

NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the clearAlertByIds function. The issue results from the lack of prop...

8.8CVSS7.8AI score0.52562EPSS
Exploits0References1
nessus
nessus
added 2023/09/15 12:0 a.m.34 views

NETGEAR ProSAFE Network Management System Authentication Bypass (CVE-2023-38096)

Binary data netgearnmszdi-23-920.nbin...

9.8CVSS9.3AI score0.83009EPSS
Exploits1References2
rapid7blog
rapid7blog
added 2023/09/01 4:30 p.m.56 views

Metasploit Weekly Wrap-Up

Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module targeting Apache NiFi as well as a new and improved library to interact wi...

6.5CVSS10.1AI score0.83009EPSS
Exploits11
ptsecurity
ptsecurity
added 2023/08/10 12:0 a.m.4 views

PT-2023-7060 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...

9CVSS7.9AI score0.53563EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/08/10 12:0 a.m.4 views

PT-2023-7114 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is require...

9CVSS7.6AI score0.52562EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2023/08/09 12:0 a.m.5 views

PT-2023-7963 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the saveNodeLabel method in the NETGEAR ProSAFE Network Management System, which lacks proper validation of user-supplied data. Thi...

9.6CVSS7.1AI score0.53303EPSS
Exploits0References6
zdi
zdi
added 2023/07/13 12:0 a.m.41 views

NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MyHandlerInterceptor class. The issue results from improper...

9.8CVSS6.9AI score0.83009EPSS
Exploits1References1
zdi
zdi
added 2023/07/13 12:0 a.m.24 views

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

8.8CVSS7.9AI score0.52882EPSS
Exploits0References1
zdi
zdi
added 2023/07/13 12:0 a.m.25 views

NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.4AI score0.01293EPSS
Exploits0References1
cnvd
cnvd
added 2023/02/17 12:0 a.m.5 views

Unspecified Vulnerability in NETGEAR ProSAFE FS726TP

The NETGEAR ProSAFE FS726TP is a smart switch. A security vulnerability exists in the NETGEAR ProSAFE FS726TP that originates when an unspecified endpoint in the switch's web server fails to properly authenticate a user's identity, allowing configuration pages with passwords to be downloaded to t...

7.5CVSS7.4AI score0.00577EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/02/15 12:0 a.m.7 views

Netgear ProSAFE FS726TP 安全漏洞

The NETGEAR ProSAFE FS726TP is a smart switch. A security vulnerability exists in the NETGEAR ProSAFE FS726TP that originates when an unspecified endpoint in the switch's web server fails to properly authenticate a user's identity, allowing configuration pages with passwords to be downloaded to t...

7.5CVSS6.5AI score0.00577EPSS
Exploits0References2
cvelist
cvelist
added 2023/02/15 12:0 a.m.26 views

CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.

An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...

7.5CVSS7.8AI score0.00577EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/02/08 12:0 a.m.6 views

PT-2023-3790 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to an unrestricted file upload vulnerability in the UpLoadServlet class, which can be exploited by remote attackers to execute arbitra...

9CVSS7.8AI score0.09785EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2023/02/08 12:0 a.m.5 views

PT-2023-3787 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Although authentication is required to exploit this, the existing...

9CVSS7.1AI score0.01277EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/02/08 12:0 a.m.9 views

PT-2023-3792 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Although authentication is required to exploit this issue, the existin...

9CVSS7.8AI score0.01293EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2023/02/08 12:0 a.m.6 views

PT-2023-3791 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authenticatio...

9CVSS7.8AI score0.01689EPSS
Exploits0References7
Rows per page
Query Builder