漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MibController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12122.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
NETGEAR ProSAFE Network Management System 路径遍历漏洞
Vulnerability Description
Netgear NETGEAR是美国网件(Netgear)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 NETGEAR ProSAFE Network Management System 存在路径遍历漏洞,攻击者可利用该漏洞删除受影响的系统上的任意文件,导致系统上创建拒绝服务条件。
CVSS Information
N/A
Vulnerability Type
N/A