CVE-2023-2383

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been classified as problematic. This affects an unknown part of the file scgi-bin/platform.cgi?page=firewalllogsemail.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cro...

NETGEAR SRX5308 跨站脚本漏洞

The NETGEAR SRX5308 is a VPN firewall appliance from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR SRX5308 version 4.3.5-3 and prior versions, which stems from cross-site scripting due to incorrect manipulation of the parameter Login.userAgent...

PT-2023-2611 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability was found in the Netgear SRX5308, which can be exploited to cause a denial of service. The issue is related to incorrect resource release. It is possible to launch the attack...

PT-2023-2609 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability exists in the Web Management Interface of the Netgear SRX5308, allowing for cross-site scripting attacks. This issue is caused by the lack of protection for the web page...

PT-2023-2583 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: The issue is related to insufficient protection of the web page structure when handling the USERDBUsers.Password argument in the web management interface of Netgear SRX5308 routers. This can...

PT-2023-2607 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability exists in the Web Management Interface of the Netgear SRX5308 due to insufficient input validation. This issue affects the processing of the file scgi-bin/platform.cgi?page=i...

PT-2023-2603 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: The issue exists due to insufficient input validation in the web management interface of the Netgear SRX5308 router's embedded software. This allows a remote attacker to conduct a cross-site...

PT-2023-2604 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: The issue exists due to insufficient input validation in the web management interface of the Netgear SRX5308 router's embedded software. Exploitation of this issue may allow a remote attacke...

Debian DLA-2674-1 : isc-dhcp security update

Jon Franklin and Pawel Wieczorkiewicz found an issue in the ISC DHCP client and server when parsing lease information, which could lead to denial of service via application crash. For Debian 9 stretch, this problem has been fixed in version 4.3.5-3+deb9u2. We recommend that you upgrade your...

NETGEAR SRX5308 SQL Injection Vulnerability

The NETGEAR SRX5308 is a VPN firewall appliance from NETGEAR. A SQL injection vulnerability exists in the NETGEAR SRX5308 version 4.3.5-3. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the vulnerabili...