Intrusion PreventionNETGEAR.ProSafe.Startup-Config.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in multiple NETGEAR RroSafe products.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling HTTP requests. A remote attacker can exploit this to gain unauthorized access to sensitive information via a HTTP request.
Affected Products
NETGEAR ProSafe GS724Tv3 5.4.1.13 and prior
NETGEAR ProSafe GS716Tv2 5.4.1.13 and prior
NETGEAR ProSafe GS748Tv4 5.4.1.14 and prior
NETGEAR ProSafe GS510TP 5.4.0.6 and prior
NETGEAR ProSafe GS752TPS 5.3.0.17 and prior
NETGEAR ProSafe GS728TPS 5.3.0.17 and prior
NETGEAR ProSafe GS728TS 5.3.0.17 and prior
NETGEAR ProSafe GS725TS 5.3.0.17 and prior
NETGEAR ProSafe GS752TXS 6.1.0.12 and prior
NETGEAR ProSafe GS728TXS 6.1.0.12 and prior
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 38666 |
| Created | Jun 23, 2014 |
| Updated | Nov 05, 2021 |
| Risk |
|
| CVE ID | CVE-2013-4775 |
| Exploit Prediction Score | 67.95% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |