VYPR

Prosafe Network Management Software 300

by Netgear

CVEs (27)

  • CVE-2016-1524CriFeb 13, 2016
    risk 0.73cvss 9.6epss 0.94

    Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via…

  • CVE-2016-1525HigFeb 13, 2016
    risk 0.65cvss 8.6epss 0.75

    Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.

  • CVE-2023-38098May 3, 2024
    risk 0.09cvss epss 0.10

    NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although…

  • CVE-2023-38096May 3, 2024
    risk 0.09cvss epss 0.83

    NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to…

  • CVE-2024-5505Jun 6, 2024
    risk 0.06cvss epss 0.47

    NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is…

  • CVE-2024-5246May 23, 2024
    risk 0.06cvss epss 0.31

    NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this…

  • CVE-2021-27273Mar 29, 2021
    risk 0.06cvss epss 0.65

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2021-27272Mar 29, 2021
    risk 0.06cvss epss 0.74

    This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2024-5247May 23, 2024
    risk 0.05cvss epss 0.27

    NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is…

  • CVE-2021-27276Mar 29, 2021
    risk 0.05cvss epss 0.72

    This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2021-27275Mar 29, 2021
    risk 0.05cvss epss 0.73

    This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication…

  • CVE-2021-27274Mar 29, 2021
    risk 0.04cvss epss 0.08

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class.…

  • CVE-2023-44450May 3, 2024
    risk 0.03cvss epss 0.54

    NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is…

  • CVE-2023-50231May 3, 2024
    risk 0.02cvss epss 0.53

    NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is…

  • CVE-2023-38095May 3, 2024
    risk 0.02cvss epss 0.62

    NETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although…

  • CVE-2024-6814Aug 21, 2024
    risk 0.01cvss epss 0.02

    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to…

  • CVE-2024-6813Aug 21, 2024
    risk 0.01cvss epss 0.02

    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to…

  • CVE-2023-44449May 3, 2024
    risk 0.01cvss epss 0.53

    NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to…

  • CVE-2024-5245May 23, 2024
    risk 0.00cvss epss 0.01

    NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. An attacker must first obtain the…

  • CVE-2023-41182May 3, 2024
    risk 0.00cvss epss 0.59

    NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is…

Page 1 of 2