CVE-2023-2384

CVE-2023-2384 affects Netgear SRX5308 Web Management Interface, specifically the file scgi-bin/platform.cgi?page=dmz_setup.htm. The vulnerability arises from insufficient input validation on the dhcp.SecDnsIPByte2 parameter, enabling remote cross-site scripting. Multiple sources confirm versions ...

CVE-2023-2381

CVE-2023-2381 affects Netgear SRX5308 Web Management Interface up to firmware 4.3.5-3. The vulnerability is a cross-site scripting flaw in the BandWidthProfile.ProfileName parameter within scgi-bin/platform.cgi?page=bandwidth_profile.htm, exploitable remotely and reportedly disclosed. Public refe...

PT-2023-2608 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability exists in the Web Management Interface of the Netgear SRX5308, affecting the file scgi-bin/platform.cgi?page=dmz setup.htm. The issue arises from insufficient input validatio...

The vulnerability of the USERDBDomains.Domainname function in the cgi-bin/platform.cgi file of the NETGEAR ProSafe SSL VPN network interface card’s software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the USERDBDomains.Domainname function in the cgi-bin/platform.cgi file of the NETGEAR ProSafe SSL VPN network interface card’s software is related to the possibility of executing commands. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL...

CVE-2017-15805

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

CVE-2017-15805

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

Directory traversal

Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files...

CVE-2017-15805

Cisco Small Business SA520/SA540 devices with firmware 2.1.71 and 2.2.0.7 are affected by a directory traversal vulnerability in scgi-bin/platform.cgi via the thispage parameter, enabling reading of arbitrary files. Root cause: improper validation of the thispage parameter leading to path travers...

NETGEAR Multiple Product Catalog Traversal Vulnerability

NETGEAR is an American Netgear company, a manufacturer of computer networking equipment and other computer hardware. NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, SRX5308 devices with firmware versions prior to 4.3.3-8 have a directory traversal vulnerability in scgi-bin/platform.cgi that could allow a...

The vulnerability of the D-Link DSR-150 router’s microprogramming software allows a malicious individual to gain administrator privileges.

The script “/scgi-bin/platform.cgi” of the D–Link DSR–150 router’s software does not properly filter the data entered by the user in the “Password” field. As a result, a malicious individual can bypass the authentication process and gain access to the device with administrator privileges...

D-link路由器/platform.cgi任意用户登陆漏洞

No description provided by source...