CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2024/06/06 5:49 p.m.•17 views

CVE-2024-5505 NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability

8.8CVSS7.9AI score0.76002EPSS

CVE•added 2024/06/06 5:49 p.m.•52 views

CVE-2024-5505

CVE-2024-5505 concerns the NETGEAR ProSAFE Network Management System, where the UpLoadServlet contains a directory traversal flaw that lacks proper validation of a user-supplied path in file operations. This leads to remote code execution with SYSTEM privileges. Exploitation is described as requi...

8.8CVSS9.1AI score0.76002EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/06/06 5:49 p.m.•11 views

CVE-2024-5505 NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability

8.8CVSS0.76002EPSS

Zero Day Initiative•added 2024/06/04 12:0 a.m.•15 views

NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the UpLoadServlet class. The issue results from the lack of proper...

8.8CVSS7.7AI score0.76002EPSS

Zero Day Initiative•added 2024/05/24 12:0 a.m.•22 views

NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS7.5AI score0.58149EPSS

OSV•added 2024/05/23 10:15 p.m.•0 views

CVE-2024-5247

NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit...

8.8CVSS6.3AI score0.58149EPSS

NVD•added 2024/05/23 10:15 p.m.•12 views

CVE-2024-5247

8.8CVSS9.2AI score0.58149EPSS

Cvelist•added 2024/05/23 10:7 p.m.•14 views

CVE-2024-5247 NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.58149EPSS

CVE•added 2024/05/23 10:7 p.m.•80 views

CVE-2024-5247

CVE-2024-5247 affects NETGEAR ProSAFE Network Management System. The UpLoadServlet unsafely handles user-supplied data, allowing unrestricted file uploads that can lead to remote code execution with SYSTEM privileges. Authentication is required to exploit, and multiple sources (ZDI advisories, NV...

8.8CVSS9.2AI score0.58149EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/05/23 10:7 p.m.•14 views

CVE-2024-5247 NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS8AI score0.58149EPSS

Zero Day Initiative•added 2024/05/22 12:0 a.m.•17 views

NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS7.8AI score0.58149EPSS

NVD•added 2024/05/03 2:15 a.m.•21 views

CVE-2023-38098

8.8CVSS9.2AI score0.74408EPSS

Vulnrichment•added 2024/05/03 1:59 a.m.•22 views

CVE-2023-38098 NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS8.1AI score0.74408EPSS

Cvelist•added 2024/05/03 1:59 a.m.•19 views

CVE-2023-38098 NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

8.8CVSS9.7AI score0.74408EPSS

Zero Day Initiative•added 2023/07/13 12:0 a.m.•23 views

NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

8.8CVSS7.7AI score0.74408EPSS

Exploits1References1

ATTACKERKB•added 2022/07/27 2:15 p.m.•0 views

CVE-2022-34549

Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file...

8.8CVSS6.1AI score0.00554EPSS

Exploits1References3

NVD•added 2022/07/27 2:15 p.m.•10 views

CVE-2022-34549

8.8CVSS0.00554EPSS