HTTP: Netgear ProSAFE NMS300 fileUpload.do Arbitrary File Upload

This signature detects attempts to exploit a known arbitrary file upload vulnerability in Netgear ProSAFE NMS300. Successful exploitation could allow an attacker to upload arbitrary files, which could lead to further attacks.

Extended Description

Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI.

Affected Products

Netgear prosafe_network_management_software_300

Short Name: HTTP:MISC:NG-ARB-FLUPLOAD
Severity: Major
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: Arbitrary CVE-2016-1524 CVE-2016-1525 File NMS300 Netgear ProSAFE Upload bid:82630 fileUpload.do
Release Date: 03/29/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3658
False Positive: Unknown
Vendors

Netgear

CVSS Score

8.3
