Описание
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:netgear:gs108pe_firmware:1.2.0.5:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs108pe:-:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00234
Низкий
8.3 High
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
больше 3 лет назад
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi.
EPSS
Процентиль: 46%
0.00234
Низкий
8.3 High
CVSS2
Дефекты
CWE-255