Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2016/05/23 12:0 a.m.3 views

Netgear ProSAFE NMS300 fileUpload.do Arbitrary File Upload (CVE-2016-1524; CVE-2016-1525)

An arbitrary file upload vulnerability exists in Netgear ProSafe NMS300. The vulnerability is due to inadequate access control and input validation error when accepting user uploaded files to fileUpload.do control. A remote unauthenticated attacker could exploit this vulnerability by sending...

8.3CVSS1.7AI score0.94104EPSS
Exploits10
Circl
Circl
added 2016/03/01 12:0 a.m.27 views

CVE-2016-1525

creationtimestamp| type| source ---|---|--- 2016-03-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39515 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/netgearnmsrce.rb 2025-02-06 03:13:42+00:00| seen|...

8.6CVSS9.2AI score0.75013EPSS
Exploits8References2
Packet Storm
Packet Storm
added 2016/02/29 12:0 a.m.41 views

NETGEAR ProSafe Network Management System 300 Arbitrary File Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'NETGEAR ProSafe Network Management System 300 Arbitrary File Upload', 'Description' = %q Netgear's ProSafe NMS300 is a network...

7.8CVSS9.2AI score0.75013EPSS
Exploits8
NVD
NVD
added 2016/02/13 2:59 a.m.12 views

CVE-2016-1525

Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. dot dot in the realName parameter...

8.6CVSS8.1AI score0.75013EPSS
Exploits8References8
CERT
CERT
added 2016/02/03 12:0 a.m.48 views

Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities

Overview Netgear Management System NMS300, version 1.5.0.11 and earlier, is vulnerable to arbitrary file upload, which may be leveraged by unauthenticated users to execute arbitrary code with SYSTEM privileges. A directory traversal vulnerability enables authenticated users to download arbitrary...

9.6CVSS9.3AI score0.94104EPSS
Exploits10References4
Rows per page
Query Builder