Lucene search
K

347 matches found

CNNVD
CNNVD
added 2023/11/29 12:0 a.m.12 views

NETGEAR 访问控制错误漏洞

NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...

7.8CVSS6.9AI score0.00537EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.2 views

NETGEAR 访问控制错误漏洞

NETGEAR ProSAFE Network Management System is a network management system from NETGEAR for centralized management, monitoring, and configuration of network devices. An Access Control Error vulnerability exists in the NETGEAR ProSAFE Network Management System that originates from an unauthenticated...

9.8CVSS7.4AI score0.01154EPSS
Exploits1References3
CNVD
CNVD
added 2023/11/27 12:0 a.m.2 views

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Vulnerability

NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the getNodesByTopologyMapSearch function, which can be exploited by an attacker to obtain sensitive information or...

8.8CVSS8.9AI score0.53563EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/27 12:0 a.m.1 views

NETGEAR ProSAFE Network Management System clearAlertByIds Function SQL Injection Vulnerability

NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the clearAlertByIds function and can be exploited by an attacker to obtain sensitive information or execute arbitra...

8.8CVSS8.9AI score0.52562EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.5 views

PT-2023-7244 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the implementation of the Java Debug Wire Protocol JDWP in the ProSAFE Network Management System, which lacks authentication for a...

9.8CVSS7.6AI score0.01154EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2023/11/27 12:0 a.m.4 views

The vulnerability of the clearAlertByIds() function in the ProSAFE Network Management System (NMS300) allows a hacker to increase their privileges.

The vulnerability of the clearAlertByIds function in the ProSAFE Network Management System NMS300 for managing, diagnosing, and optimizing network devices is related to the lack of protection for the SQL query structure. Exploiting this vulnerability could allow a malicious actor to increase thei...

9CVSS7.7AI score0.52562EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.7 views

The vulnerability of the getNodesByTopologyMapSearch() function in the network management, diagnosis, and optimization system for network devices, ProSAFE Network Management System (NMS300), allows a hacker to execute arbitrary code.

The vulnerability of the getNodesByTopologyMapSearch function in the system for managing, diagnosing, and optimizing the operation of network devices, the ProSAFE Network Management System NMS300, is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allo...

9CVSS8.1AI score0.53563EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/11/20 12:0 a.m.36 views

NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the clearAlertByIds function. The issue results from the lack of prop...

8.8CVSS7.8AI score0.52562EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/11/20 12:0 a.m.17 views

NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getNodesByTopologyMapSearch function. The issue results from t...

8.8CVSS8.2AI score0.53563EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/15 12:0 a.m.34 views

NETGEAR ProSAFE Network Management System Authentication Bypass (CVE-2023-38096)

Binary data netgearnmszdi-23-920.nbin...

9.8CVSS9.3AI score0.83009EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.5 views

The vulnerability of the ZipUtils class in the ProSafe Network Management System, which includes tools for network device management, diagnosis, and optimization, allows a hacker to bypass security restrictions and execute arbitrary code.

The vulnerability of the ZipUtils class in the ProSafe Network Management NMS300 system, which is used for managing, diagnosing, and optimizing the operation of network devices, is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows...

9CVSS7.4AI score0.58622EPSS
Exploits0References5Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/09/01 4:30 p.m.55 views

Metasploit Weekly Wrap-Up

Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module targeting Apache NiFi as well as a new and improved library to interact wi...

6.5CVSS10.1AI score0.83009EPSS
Exploits10
Positive Technologies
Positive Technologies
added 2023/08/10 12:0 a.m.4 views

PT-2023-7060 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...

9CVSS7.9AI score0.53563EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/08/10 12:0 a.m.4 views

PT-2023-7114 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is require...

9CVSS7.6AI score0.52562EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-7963 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the saveNodeLabel method in the NETGEAR ProSAFE Network Management System, which lacks proper validation of user-supplied data. Thi...

9.6CVSS7.1AI score0.53303EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.7 views

The vulnerability of the MFileUploadController class in the system for managing, diagnosing, and optimizing the operation of network devices. ProSafe Network Management NMS300 allows a hacker to execute arbitrary code.

The vulnerability of the MFileUploadController class in the ProSafe Network Management NMS300 system, which is used for managing, diagnosing, and optimizing the operation of network devices, stems from the lack of restrictions on file uploads. Exploiting this vulnerability could allow a malicious...

9CVSS8AI score0.62472EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.5 views

The vulnerability of the createUser function in the system for managing, diagnosing, and optimizing the operation of network devices, ProSafe Network Management NMS300, allows a hacker to increase their privileges.

The vulnerability of the createUser function in the ProSafe Network Management NMS300 system, a device for managing, diagnosing, and optimizing network devices, lies in buffer overflow attacks. Exploiting this vulnerability can allow attackers to gain increased privileges remotely...

9CVSS7.9AI score0.01277EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.6 views

The vulnerability of the SettingConfigController class in the system’s management, diagnosis, and optimization of network device operations. The ProSafe Network Management NMS300 allows a hacker to execute arbitrary code in the SYSTEM context.

The vulnerability of the SettingConfigController class in the system for managing, diagnosing, and optimizing the operation of network devices is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the SYSTEM...

9CVSS7.5AI score0.01689EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.6 views

The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system’s management, diagnosis, and optimization of network device operations allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system, which is used for management, diagnosis, and optimization of network device operations, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a...

10CVSS7.7AI score0.83009EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.7 views

The vulnerability of the BkreProcessThread class in the system for managing, diagnosing, and optimizing the operation of network devices. ProSafe Network Management NMS300 allows a hacker to execute arbitrary code.

The vulnerability of the BkreProcessThread class in the system for managing, diagnosing, and optimizing network device operations is related to the absence of authentication procedures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS7.5AI score0.01689EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder