Lucene search
+L

11 matches found

cve
cve
added 2023/04/28 5:31 p.m.56 views

CVE-2023-2384

CVE-2023-2384 affects Netgear SRX5308 Web Management Interface, specifically the file scgi-bin/platform.cgi?page=dmz_setup.htm. The vulnerability arises from insufficient input validation on the dhcp.SecDnsIPByte2 parameter, enabling remote cross-site scripting. Multiple sources confirm versions ...

4.8CVSS4.3AI score0.00649EPSS
Exploits1References3Affected Software1
cve
cve
added 2023/04/28 5:0 p.m.43 views

CVE-2023-2381

CVE-2023-2381 affects Netgear SRX5308 Web Management Interface up to firmware 4.3.5-3. The vulnerability is a cross-site scripting flaw in the BandWidthProfile.ProfileName parameter within scgi-bin/platform.cgi?page=bandwidth_profile.htm, exploitable remotely and reportedly disclosed. Public refe...

4.8CVSS4.2AI score0.00605EPSS
Exploits1References3Affected Software1
ptsecurity
ptsecurity
added 2023/04/13 12:0 a.m.6 views

PT-2023-2608 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability exists in the Web Management Interface of the Netgear SRX5308, affecting the file scgi-bin/platform.cgi?page=dmz setup.htm. The issue arises from insufficient input validatio...

4.8CVSS4.1AI score0.00649EPSS
Exploits1References6
bdu_fstec
bdu_fstec
added 2022/05/17 12:0 a.m.9 views

The vulnerability of the USERDBDomains.Domainname function in the cgi-bin/platform.cgi file of the NETGEAR ProSafe SSL VPN network interface card’s software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the USERDBDomains.Domainname function in the cgi-bin/platform.cgi file of the NETGEAR ProSafe SSL VPN network interface card’s software is related to the possibility of executing commands. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL...

6.5CVSS8.1AI score0.48957EPSS
Exploits1References5
nvd
nvd
added 2017/10/23 8:29 a.m.12 views

CVE-2017-15805

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

7.5CVSS7.7AI score0.02178EPSS
Exploits0References1
osv
osv
added 2017/10/23 8:29 a.m.6 views

CVE-2017-15805

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

7.5CVSS5.9AI score0.02178EPSS
Exploits0References1
prion
prion
added 2017/10/23 8:29 a.m.17 views

Directory traversal

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

5CVSS7.7AI score0.02178EPSS
Exploits0References1Affected Software2
cve
cve
added 2017/10/23 8:0 a.m.51 views

CVE-2017-15805

Cisco Small Business SA520/SA540 devices with firmware 2.1.71 and 2.2.0.7 are affected by a directory traversal vulnerability in scgi-bin/platform.cgi via the thispage parameter, enabling reading of arbitrary files. Root cause: improper validation of the thispage parameter leading to path travers...

7.5CVSS7.6AI score0.02178EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2017/01/04 12:0 a.m.6 views

NETGEAR Multiple Product Catalog Traversal Vulnerability

NETGEAR is an American Netgear company, a manufacturer of computer networking equipment and other computer hardware. NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, SRX5308 devices with firmware versions prior to 4.3.3-8 have a directory traversal vulnerability in scgi-bin/platform.cgi that could allow a...

6.5CVSS6.9AI score0.02427EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2016/07/07 12:0 a.m.9 views

The vulnerability of the D-Link DSR-150 router’s microprogramming software allows a malicious individual to gain administrator privileges.

The script “/scgi-bin/platform.cgi” of the D–Link DSR–150 router’s software does not properly filter the data entered by the user in the “Password” field. As a result, a malicious individual can bypass the authentication process and gain access to the device with administrator privileges...

10CVSS5.5AI score0.06516EPSS
Exploits6References7Affected Software1
seebug
seebug
added 2016/03/22 12:0 a.m.18 views

D-link路由器/platform.cgi任意用户登陆漏洞

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder