NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞

The NETGEAR FVS336G is a VPN Virtual Private Network firewall router from NETGEAR. A security vulnerability exists in the NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 versions, which stems from a missing filter escape in USERDBDomains.Domainname in cgi-bin/platform.cgi, which can be...

Vulnerabilities fixed in Yokogawa Centum VP, ProSafe-RS and B/M9000 VP

Yokogawa has fixed vulnerabilities in Centum VP, ProSafe-RS and B/M9000 VP. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access t...

Yokogawa CENTUM and ProSafe-RS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM and ProSafe-RS Vulnerabilities: OS Command Injection, Improper Authentication, NULL Pointer Dereference, Improper Input Validation, Resource Management Errors 2. RISK...

prosafe.org Improper Access Control vulnerability OBB-2432401

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows Stack-Based Buffer Overflow (CVE-2018-0651)

Buffer overflow in the license management function of YOKOGAWA products iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier allows remote attackers to stop the license...

NETGEAR ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 SQL注入漏洞

NETGEAR SRX5308 is a firewall appliance. NETGEAR ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 SQL injection vulnerability can be exploited by attackers to obtain sensitive information...

Netgear ProSAFE Network Management System Arbitrary File Upload (CVE-2021-27274)

An unrestricted file upload vulnerability exists in Netgear ProSAFE NMS300. The vulnerability is due to improper validation of the uploaded file in the MFileUploadController class...

The vulnerability of the TFTP server for microprogramming software of NETGEAR ProSAFE Plus JGS516PE and ProSAFE Plus GS116Ev2 allows a intruder to increase their privileges.

The vulnerability of the TFTP server for microprogramming software in NETGEAR ProSAFE Plus JGS516PE and ProSAFE Plus GS116Ev2 devices is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

The vulnerability of NETGEAR ProSafe Plus JGS516PE microcontroller-based software, related to the lack of protection for service data, allows a intruder to trigger a service failure.

The vulnerability of NETGEAR ProSafe Plus JGS516PE microcontroller-based devices lies in the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability in the web-based administration panel of Microprogramming software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the web-based administration panel of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices is related to insufficient verification of input parameters. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary cod...

The vulnerability of the NSDP protocol implementation in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 network devices allows a hacker to bypass access controls and gain full control over the device.

The vulnerability of the NSDP protocol implementation in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices is related to authentication process errors. Exploiting this vulnerability allows an attacker to bypass access controls and gain full control over the device...

The vulnerability of the implementation of the microprogramming software update mechanism for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 devices allows a hacker to increase their privileges.

The vulnerability of the mechanism for updating microprogrammable software in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 devices is related to deficiencies in input data validation. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

The vulnerability of the NSDP protocol implementation in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 network devices allows a perpetrator to increase their privileges.

The vulnerability of the NSDP protocol implementation in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices is related to authentication process errors. Exploiting this vulnerability can allow attackers to increase their privileges remotely...

The vulnerability of the TFTP microprogramming software used in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 network devices allows a intruder to cause service interruptions.

The vulnerability of the TFTP microprogramming software used in Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 network devices is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

The vulnerability in the web administration panel of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 microprogrammed network devices allows a hacker to perform cross-site scripting attacks.

The vulnerability of the web administration panel of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

The vulnerability of the DCHP server configuration of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 network devices allows a hacker to cause a service failure.

The vulnerability of the DCHP configuration of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices relates to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability can allow a malicious actor to trigger...

The vulnerability in the web administration panel of Microprogrammed software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 allows a hacker to add IP addresses to a white list.

The vulnerability of the web-based administration panel of Microprogramming software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 lies in insufficient verification of input parameters. Exploiting this vulnerability allows an attacker to add IP addresses to a white list using the...

CVE-2021-27273

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

CVE-2021-27272

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

CVE-2021-27275

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...