347 matches found
CVE-2014-4864
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file...
CVE-2014-2969
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...
Hardcoded credentials
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...
CVE-2014-2969
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...
CVE-2014-2969
The CVE-2014-2969 entry concerns NETGEAR NETGEAR GS108PE Prosafe Plus switches (firmware 1.2.0.5). A hard-coded credential pair, ntgruser:debugpassword, exists in the device and can be used via CGI endpoints (produce_burn.cgi, register_debug.cgi, bootcode_update.cgi) to gain access and upload fir...
Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials
Overview Netgear GS105PE Prosafe Plus Switch firmware version 1.2.0.5 contains hard-coded credentials. CWE-798 Description Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials that can be used for authenticating to the web server running on the device. The username is ntgruse...
Netgear ProSafe - Denial of Service Vulnerability
No description provided by source. !/usr/bin/python Netgear ProSafe - CVE-2013-4776 PoC written by Juan J. Guelfo @ Encripto AS [email protected] Copyright 2013 Encripto AS. All rights reserved. This software is licensed under the FreeBSD license. http://www.encripto.no/tools/license.php import sy...
Netgear FM114P ProSafe Wireless Router UPnP Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the userna...
Netgear 1.x ProSafe VPN Firewall Web Interface Login Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7166/info It has been reported that some ProSafe VPN Firewall devices do not properly handle some types of input. Because of this, a remote user could potentially send malicious input to the device that would result in a...
Netgear ProSafe - Information Disclosure Vulnerability
No description provided by source...
Netgear FM114P ProSafe Wireless Router Rule Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal Plug and Play are bo...
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26073/info NETGEAR ProSafe SSL VPN Concentrator 25-SSL312 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to...
Yokogawa Multiple Products Vulnerabilities
OVERVIEW Yokogawa reports that several buffer overflow vulnerabilities affect several of its products. Juan Vazquez of Rapid7 Inc.,Rapid7 Inc., http://www.rapid7.com, web site last accessed May 13, 2014. and independent researcher Julian Vilas Diaz reported to CERT/CC that they identified several...
CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service reboot or crash via a crafted HTTP request to filesystem/...
CVE-2013-4775
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted...
Server side request forgery (ssrf)
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service reboot or crash via a crafted HTTP request to filesystem/...
Design/Logic Flaw
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted...
CVE-2013-4776
CVE-2013-4776 affects Netgear ProSafe switches (GS724Tv3/GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 5.4.1.14; GS510TP 5.0.4.4) and causes a Denial of Service via a crafted HTTP request to /filesystem/. The issue can reboot or crash the device, leading to loss of network connectivity. P...
CVE-2013-4775
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted...
CVE-2013-4776
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service reboot or crash via a crafted HTTP request to filesystem/...