Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and previous versions allow remote malicious users to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear prosafe network management software 300 |
Metasploit modules unleashed.
Two dangerous un-patched remote code execution vulnerabilities that allow access to God-mode system privileges have been reported in Netgear's ProSafe Network Management 300 management software. The file upload vulnerability (CVE-2016-1524) and restricted directory traversal (CVE-2016-1525) allow unauthenticated attackers to upload arbitrary files to the server's root web directory and access any file on servers. Carnegie Mellon University CERT analyst Joel Land says there is no known fix and re...