Summary
Multiple NetGear ProSafe switches are prone to an information-disclosure vulnerability.
Impact
An attacker can exploit this issue to download the device's configuration file and disclose sensitive information. Information obtained may aid in further attacks.
Impact Level: Application
Solution
Ask the vendor for an update.
Insight
The web management application fails to restrict URL access to different application areas. Remote, unauthenticated attackers could exploit this issue to download the device's startup-config, which contains administrator credentials in encrypted form.
Affected
GS724Tv3 and GS716Tv2 - firmware 5.4.1.13
GS724Tv3 and GS716Tv2 - firmware 5.4.1.10
GS748Tv4 - firmware 5.4.1.14
GS510TP - firmware 5.4.0.6
GS752TPS and GS728TPS - firmware 5.3.0.17
GS728TS and GS725TS - firmware 5.3.0.17
GS752TXS and GS728TXS - firmware 6.1.0.12
Detection
Try to read /filesystem/startup-config with an HTTP GET request and check the response.
References
Updated on 2015-03-25
Severity
CVSS Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Classification
CVE: CVE-2013-4775, CVE-2013-4776