NETGEAR.NMS300.image.do.Directory.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal vulnerability in Netgear's NMS300.
The vulnerability is caused by insufficient sanitizing of the "realName" parameter that is passed to "image.do". A remote attacker can exploit this to gain unauthorized access to sensitive information.
Affected Products
NMS300 1.5.0.11
NMS300 1.5.0.2
NMS300 1.4.0.17
NMS300 1.1.0.13
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-07 | 14.628 | Severity:medium:high |