Remote Code Execution Vulnerability in NETGEAR ProSAFE Network Management System
CVE-2024-5246

Currently unrated

Key Information:

Vendor
NETGEAR
Vendor
CVE Published:
23 May 2024

Summary

NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.

The specific flaw exists within the product installer. The issue results from the use of a vulnerable version of Apache Tomcat. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22868.

References

https://www.zerodayinitiative.com/advisories/ZDI-24-497/
https://kb.netgear.com/000066164/Security-Advisory-for-Mu...

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.