March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities
July 17, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
July 17, 2023Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities
July 17, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
July 17, 2023
Severity
High
Analysis Summary
CVE-2023-38102 CVSS:7.2
Netgear ProSAFE Network Management System could allow a remote authenticated attacker to gain elevated privileges on the system, caused by missing authorization within the createUser function. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges to resources normally protected from the user.
CVE-2023-38101 CVSS:7.2
Netgear ProSAFE Network Management System could allow a remote authenticated attacker to execute arbitrary code on the system, caused by exposing dangerous functions in SettingConfigController. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-38100 CVSS:8.8
Netgear ProSAFE Network Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the clearAlertByIds function, which could allow the attacker to view, add, modify or delete information in the back-end database. .
CVE-2023-38098 CVSS:8.8
Netgear ProSAFE Network Management System could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the UpLoadServlet class. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
CVE-2023-38097 CVSS:7.2
Netgear ProSAFE Network Management System could allow a remote authenticated attacker to execute arbitrary code on the system, caused by exposing dangerous functions in BkreProcessThread. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Privilege Escalation
- Code Execution
- Security Bypass
- File Manipulation
Indicators Of Compromise
CVE
- CVE-2023-38102
- CVE-2023-38101
- CVE-2023-38100
- CVE-2023-38098
- CVE-2023-38097
Affected Vendors
NETGEAR
Affected Products
- NetGear ProSAFE
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade or suggested workaround information.