EUVD-2007-4344

Malware in sbrugna...

CVE-2013-2751

Eval injection vulnerability in frontview/lib/nphandler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in frontview/lib/nphandler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users...

Design/Logic Flaw

Eval injection vulnerability in frontview/lib/nphandler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."...

CVE-2013-2752

The CVE-2013-2752 issue affects NETGEAR ReadyNAS RAIDiator (frontview/lib/np_handler.pl) prior to 4.1.12 and 4.2.x prior to 4.2.24, where CSRF could allow remote attackers to hijack user authentication. Multiple sources corroborate a CSRF vulnerability, with OpenVAS noting CSRF and command inject...

CVE-2013-2751

The CVE-2013-2751 entry concerns NETGEAR ReadyNAS RAIDiator (FrontView) via np_handler.pl. A Perl eval() usage flaw in frontview/lib/np_handler.pl allows remote code execution through crafted requests (notably related to the forgot password workflow), enabling unauthenticated RC across affected v...

NetGear RAIDiator (ReadyNAS) CSRF And Command Injection Vulnerabilities (Oct 2013) - Active Check

NetGear RAIDiator is prone to a cross-site request forgery CSRF vulnerability and a command injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator"

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Default Root Password in Infrant now Netgear ReadyNAS "RAIDiator" Release Date: August 13, 2007 Authors: Brian Chapados [email protected] Felix Domke [email protected] Timeline: Jul 25, 2007 - discovery Jul 29, 2007 - vendor...

CVE-2007-4361

NETGEAR formerly Infrant ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access...

CVE-2007-4361

The CVE-2007-4361 issue affects NETGEAR ReadyNAS RAIDiator prior to 4.00b2-p2-T1 beta. The root cause is a default SSH root password derived from the hardware serial number, enabling remote attackers to guess the password and gain login access. The vulnerability is contextually severe: authentica...

NETGEAR ReadyNAS RAIDiator远程SSH后门漏洞

NETGEAR ReadyNAS RAIDiator是一款基于Linux的RAIDiator操作系统，是网络存储解决方案。 NETGEAR ReadyNAS RAIDiator由于存在设计问题，远程攻击者可以利用漏洞通过猜测超级用户密码获得对系统的控制。 NETGEAR ReadyNAS RAIDiator的SSH ROOT密码使用如下组件进行md5sum初始化： 1，MAC地址可从ifconfig获得 2，软件版本可从/etc/raidiatorversion获得 3，在SEED3中可获得工享字符串...