NETGEAR ProSAFE 安全漏洞

NETGEAR ProSAFE is a network management system from NETGEAR. NETGEAR ProSAFE suffers from a SQL injection vulnerability that can be exploited by an attacker to elevate privileges...

NETGEAR ProSAFE 安全漏洞

NETGEAR ProSAFE Network Management System is a network management system. The NETGEAR ProSAFE Network Management System suffers from a SQL injection vulnerability that originates in the clearAlertByIds function and can be exploited by an attacker to obtain sensitive information or execute arbitra...

NETGEAR ProSAFE 安全漏洞

NETGEAR ProSAFE Network Management System is a network management system from NETGEAR for centralized management, monitoring, and configuration of network devices. A code execution vulnerability exists in NETGEAR ProSAFE Network Management System, which stems from a remote code execution...

PT-2024-5191

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. The specific flaw exis...

PT-2024-4161 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. The flaw exists within the product installer due to the use of default...

PT-2024-4189 · NetGear +1 · Netgear Prosafe Network Management System +1

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The vulnerability is related to insufficient input validation in the Tomcat component of the NETGEAR ProSAFE Network Management System. This allows a remot...

The vulnerability of the saveNodeLabel method in the ProSAFE Network Management System (NMS300) allows a perpetrator to enhance their privileges and perform cross-site scripting attacks.

The vulnerability of the saveNodeLabel method in the ProSAFE Network Management System NMS300 involves a lack of measures taken to protect the website structure. Exploiting this vulnerability can allow attackers to enhance their privileges and perform cross-site scripting attacks...

NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the saveNodeLabel method. The issue results from the lack o...

NETGEAR Access Control Error Vulnerability (CNVD-2023-9749744)

NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. An access control error vulnerability exists in the NETGEAR ProSAFE Network Management System v1.7.0.26 and earlier versions, which can be exploited ...

The vulnerability in the implementation of the Java Debug Wire Protocol (JDWP) of the ProSAFE Network Management System (NMS300) allows a perpetrator to execute arbitrary code.

The vulnerability of the Java Debug Wire Protocol implementation in the ProSAFE Network Management System NMS300 lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary code by connecting to port 11611...

NETGEAR ProSAFE Network Management System Access Control Error Vulnerability

NETGEAR ProSAFE Network Management System is a network management system from NETGEAR for centralized management, monitoring, and configuration of network devices. An Access Control Error vulnerability exists in the NETGEAR ProSAFE Network Management System that originates from an unauthenticated...

The vulnerability of the ProSAFE Network Management System’s (NMS300) management, diagnosis, and optimization functions relates to deficiencies in access control. This vulnerability allows attackers to enhance their privileges.

The vulnerability of the ProSAFE Network Management System NMS300 in terms of system management, diagnosis, and optimization of network device operations is related to deficiencies in access control due to incorrect context determination for searching user credentials. Exploiting this vulnerabili...

CVE-2023-49694

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...

CVE-2023-49694

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...

CVE-2023-49693

NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol JDWP listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code...

CVE-2023-49693

NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol JDWP listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code...

CVE-2023-49694

CVE-2023-49694 refers to a NETGEAR ProSAFE Network Management System privilege-escalation vulnerability on Windows hosts. An attacker with low OS privileges can create arbitrary JSP files in the Tomcat web-application directory and execute them under the SYSTEM security context, enabling full pri...

CVE-2023-49694 NETGEAR ProSAFE Network Management System Privilege Escalation Via MySQL Server

A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM...

CVE-2023-49693

The CVE-2023-49693 entry concerns NETGEAR ProSAFE Network Management System, where Java Debug Wire Protocol (JDWP) is exposed on port 11611 and accessible without authentication, enabling remote arbitrary code execution. Multiple connected records corroborate an unauthenticated access vector via ...

CVE-2023-49693 NETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire Protocol

NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol JDWP listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code...