347 matches found
NETGEAR 访问控制错误漏洞
NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...
NETGEAR 访问控制错误漏洞
NETGEAR ProSAFE Network Management System is a network management system from NETGEAR for centralized management, monitoring, and configuration of network devices. An Access Control Error vulnerability exists in the NETGEAR ProSAFE Network Management System that originates from an unauthenticated...
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Vulnerability
NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the getNodesByTopologyMapSearch function, which can be exploited by an attacker to obtain sensitive information or...
NETGEAR ProSAFE Network Management System clearAlertByIds Function SQL Injection Vulnerability
NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the clearAlertByIds function and can be exploited by an attacker to obtain sensitive information or execute arbitra...
PT-2023-7244 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the implementation of the Java Debug Wire Protocol JDWP in the ProSAFE Network Management System, which lacks authentication for a...
The vulnerability of the clearAlertByIds() function in the ProSAFE Network Management System (NMS300) allows a hacker to increase their privileges.
The vulnerability of the clearAlertByIds function in the ProSAFE Network Management System NMS300 for managing, diagnosing, and optimizing network devices is related to the lack of protection for the SQL query structure. Exploiting this vulnerability could allow a malicious actor to increase thei...
The vulnerability of the getNodesByTopologyMapSearch() function in the network management, diagnosis, and optimization system for network devices, ProSAFE Network Management System (NMS300), allows a hacker to execute arbitrary code.
The vulnerability of the getNodesByTopologyMapSearch function in the system for managing, diagnosing, and optimizing the operation of network devices, the ProSAFE Network Management System NMS300, is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allo...
NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the clearAlertByIds function. The issue results from the lack of prop...
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the getNodesByTopologyMapSearch function. The issue results from t...
NETGEAR ProSAFE Network Management System Authentication Bypass (CVE-2023-38096)
Binary data netgearnmszdi-23-920.nbin...
The vulnerability of the ZipUtils class in the ProSafe Network Management System, which includes tools for network device management, diagnosis, and optimization, allows a hacker to bypass security restrictions and execute arbitrary code.
The vulnerability of the ZipUtils class in the ProSafe Network Management NMS300 system, which is used for managing, diagnosing, and optimizing the operation of network devices, is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows...
Metasploit Weekly Wrap-Up
Pumpkin Spice Modules Here in the northern hemisphere, fall is on the way: leaves changing, the air growing crisp and cool, and some hackers changing the flavor of their caffeine. This release features a new exploit module targeting Apache NiFi as well as a new and improved library to interact wi...
PT-2023-7060 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...
PT-2023-7114 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is require...
PT-2023-7963 · NetGear · Netgear Prosafe Network Management System
Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the saveNodeLabel method in the NETGEAR ProSAFE Network Management System, which lacks proper validation of user-supplied data. Thi...
The vulnerability of the MFileUploadController class in the system for managing, diagnosing, and optimizing the operation of network devices. ProSafe Network Management NMS300 allows a hacker to execute arbitrary code.
The vulnerability of the MFileUploadController class in the ProSafe Network Management NMS300 system, which is used for managing, diagnosing, and optimizing the operation of network devices, stems from the lack of restrictions on file uploads. Exploiting this vulnerability could allow a malicious...
The vulnerability of the createUser function in the system for managing, diagnosing, and optimizing the operation of network devices, ProSafe Network Management NMS300, allows a hacker to increase their privileges.
The vulnerability of the createUser function in the ProSafe Network Management NMS300 system, a device for managing, diagnosing, and optimizing network devices, lies in buffer overflow attacks. Exploiting this vulnerability can allow attackers to gain increased privileges remotely...
The vulnerability of the SettingConfigController class in the system’s management, diagnosis, and optimization of network device operations. The ProSafe Network Management NMS300 allows a hacker to execute arbitrary code in the SYSTEM context.
The vulnerability of the SettingConfigController class in the system for managing, diagnosing, and optimizing the operation of network devices is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the SYSTEM...
The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system’s management, diagnosis, and optimization of network device operations allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system, which is used for management, diagnosis, and optimization of network device operations, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a...
The vulnerability of the BkreProcessThread class in the system for managing, diagnosing, and optimizing the operation of network devices. ProSafe Network Management NMS300 allows a hacker to execute arbitrary code.
The vulnerability of the BkreProcessThread class in the system for managing, diagnosing, and optimizing network device operations is related to the absence of authentication procedures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...