NetGear RAIDiator is prone to a cross-site request-forgery vulnerability and a command-injection vulnerability.

Exploiting these issues may allow a remote attacker to perform certain administrative actions and execute arbitrary shell commands with root privileges. Other attacks are also possible.

Updates are available. Please see the references or vendor advisory for more information.

The NETGEAR ReadyNAS RAIDiator firmware prior to the 4.2.24 release is prone to remote command execution through the FrontView web interface. An attacker can use an unauthenticated HTTP GET request to execute arbitrary commands as user 'admin' on the remote NAS device. This vulnerability exists due to a failure in /frontview/lib/np_handler.pl to sanitize user-input. Due to various improper file system permissions, the admin user can execute commands as root.

Following are vulnerable: RAIDiator versions prior to 4.1.12 running on SPARC RAIDiator-x86 versions prior to 4.2.24

Send a crafted HTTP GET request which tries to execute the 'id' command.

• http://www.netgear.com
• http://www.securityfocus.com/bid/62059

---

Updated on 2015-03-25