Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-29383 PoC — NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29383.yaml
Associated Vulnerability
Title:NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞 (CVE-2022-29383)
Description:NETGEAR FVS336G是美国网件(NETGEAR)公司的一款VPN(虚拟私人网络)防火墙路由器。 NETGEAR ProSafe SSL VPN firmware FVS336Gv2 和FVS336Gv3版本存在安全漏洞,该漏洞源于cgi-bin/platform.cgi中的USERDBDomains.Domainname缺少过滤转义,攻击者利用该漏洞可进行SQL注入攻击。
Description
NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
File Snapshot

 id: CVE-2022-29383

info:
  name: NETGEAR ProSafe SSL VPN firmware - SQL Injection
  author: eliteba

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.