HTTP: Netgear ProSafe Remote Information Disclosure

This signature detects attempts to exploit a known vulnerability against Netgear ProSafe. A successful attack may lead to unauthorized information disclosure.

Extended Description

NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted administrator credentials and other startup configurations via a direct request to filesystem/startup-config.

References

BugTraq: 61918 63646 61924

CVE: CVE-2013-4775

Short Name
HTTP:NETGEAR:NETGEAR-PRO-SAFE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2013-4775 CVE-2013-4776 Disclosure Information Netgear ProSafe Remote bid:61918 bid:61924 bid:63646
Release Date
09/04/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
CVSS Score

7.8

Found a potential security threat?