Lucene search
K

347 matches found

NVD
NVD
added 2021/03/29 9:15 p.m.12 views

CVE-2021-27272

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.5CVSS0.73766EPSS
Exploits0References2
NVD
NVD
added 2021/03/29 9:15 p.m.17 views

CVE-2021-27276

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.1CVSS0.72461EPSS
Exploits0References2
NVD
NVD
added 2021/03/29 9:15 p.m.24 views

CVE-2021-27273

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

9CVSS0.64997EPSS
Exploits0References2
OSV
OSV
added 2021/03/29 9:15 p.m.2 views

CVE-2021-27274

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results fr...

9.8CVSS6.2AI score0.08167EPSS
Exploits0References2
Prion
Prion
added 2021/03/29 9:15 p.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.5CVSS6.9AI score0.73766EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/03/29 9:15 p.m.18 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

9CVSS8.9AI score0.64997EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/29 8:55 p.m.46 views

CVE-2021-27276

CVE-2021-27276 affects NETGEAR ProSAFE Network Management System 1.6.0.26. The vulnerability is a directory traversal issue in the MibController class: during parsing the realName parameter, user-supplied paths are not properly validated before file operations, enabling an attacker to delete arbi...

7.1CVSS6.9AI score0.72461EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/29 8:55 p.m.19 views

CVE-2021-27276

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.1CVSS7.2AI score0.72461EPSS
Exploits0References2
CVE
CVE
added 2021/03/29 8:55 p.m.73 views

CVE-2021-27275

CVE-2021-27275 affects NETGEAR ProSAFE Network Management System 1.6.0.26. The flaw resides in ConfigFileController realName handling, where user-supplied paths are not properly validated before file operations, enabling directory traversal. Consequences include disclosure of sensitive informatio...

8.3CVSS8.1AI score0.73318EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/29 8:55 p.m.31 views

CVE-2021-27273

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

8.8CVSS9.1AI score0.64997EPSS
Exploits0References2
CVE
CVE
added 2021/03/29 8:55 p.m.61 views

CVE-2021-27273

CVE-2021-27273 affects NETGEAR ProSAFE Network Management System 1.6.0.26. A flaw in SettingConfigController.fileName handling allows an unauthenticated-by-default? (authentication bypass noted) remote code execution with SYSTEM privileges by abusing an unsafely-validated user-supplied string to ...

9CVSS8.9AI score0.64997EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/29 8:55 p.m.62 views

CVE-2021-27274

NETGEAR ProSAFE Network Management System 1.6.0.26 is impacted by CVE-2021-27274 due to an unchecked user-supplied path in MFileUploadController, enabling pre-auth remote code execution with SYSTEM privileges. The vulnerability stems from insufficient validation of file paths used in file operati...

10CVSS9.7AI score0.08167EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/03/29 8:55 p.m.49 views

CVE-2021-27272

CVE-2021-27272 affects NETGEAR ProSAFE Network Management System 1.6.0.26. A flaw in the ReportTemplateController when parsing a path parameter allows a remote attacker to delete arbitrary files by abusing file operations, even though authentication is required—this authentication can be bypassed...

7.5CVSS6.9AI score0.73766EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/03/29 8:55 p.m.20 views

CVE-2021-27272

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.1CVSS7.2AI score0.73766EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2021/03/28 12:0 a.m.7 views

Netgear ProSAFE Cross-Site Request Forgery (CVE-2020-35223)

A cross-site request forgery vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the effected system...

6.8CVSS3.5AI score0.00586EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2021/03/28 12:0 a.m.7 views

Netgear ProSAFE Cross-Site Scripting (CVE-2020-35228)

A cross site scripting vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

3.5CVSS4.7AI score0.00828EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2021/03/28 12:0 a.m.13 views

Netgear ProSAFE Remote Code Execution (CVE-2020-26919)

A remote code execution vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.7AI score0.57195EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2021/03/28 12:0 a.m.5 views

Netgear ProSAFE Buffer Overflow (CVE-2020-35227)

A buffer overflow vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.5CVSS5.4AI score0.0112EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2021/03/28 12:0 a.m.5 views

Netgear ProSAFE Integer Overflow (CVE-2020-35230)

An integer overflow vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.7CVSS5.3AI score0.00418EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/03/26 12:0 a.m.56 views

NETGEAR ProSAFE Network Management System ReportTemplateController Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

7.1CVSS3.1AI score0.73766EPSS
Exploits0References1
Rows per page
Query Builder