NETGEAR is aware of a security issue on some models of ProSAFE Gigabit Smart Managed Switches that can let an attacker permanently modify certain system variables. This vulnerability occurs when a remote attacker uses SNMP to access stored XSS on the web management interface. The only system variables that can be accessed and modified because of this vulnerability are system name, system location, and system contact. No other settings are vulnerable, and no network traffic or credentials are exposed. This vulnerability affects the following products: GS724Tv3 and GS716Tv2 with firmware version 5.4.2.25 or earlier GS510TP with firmware version 5.4.2.25 or earlier GS108Tv2 and GS110TP with firmware version 5.4.2.25 or earlier GS748Tv4 with firmware version 5.4.2.25 or earlier NETGEAR has released firmware updates that fix the system variable modification vulnerability for all affected products. NETGEAR strongly recommends that all affected users upgrade their firmware to version 5.04.2.27 or later as soon as possible. Source: (https://kb.netgear.com/000036745/Security-Advisory-for-CVE-2016-7941-PSV-2016-0150)
Recent CVEs
-
CVE-2023-6246
1 Post
-
CVE-2023-7063
1 Post
-
CVE-2023-52251
1 Post
-
CVE-2023-5408
1 Post
-
CVE-2023-46450
1 Post
Activity Feed
-
tmitchell joined
-
viking joined
-
NIKHIL KUMAR joined
-
usa M joined
-
g312ng joined
-
anup yadav joined