Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NETGEAR GS108PE Prosafe Plus switches 信任管理漏洞
Vulnerability Description
NETGEAR GS108PE Prosafe Plus switches是美国网件(NetGear)公司的一款网管交换机产品。 使用1.2.0.5版本固件的NETGEAR GS108PE Prosafe Plus交换机中存在安全漏洞,该漏洞源于ntgruser账户使用硬编码的密码(debugpassword)。远程攻击者可通过向produce_burn.cgi、register_debug.cgi或bootcode_update.cgi文件发送请求利用该漏洞上传固件或读取或修改内存内容,执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A