Intrusion Prevention

Netgear.ProSAFE.login_handler.Remote.Command.Execution

Description

This indicates a detection of a Command Injection vulnerability in Netgear ProSAFE Products.
The vulnerability is due to an error in the application when handling a crafted HTTP request. It may allow remote attackers to execute arbitrary code on vulnerable systems, via a crafted HTTP request.

Affected Products

Netgear ProSAFE WC9500
Netgear ProSafe WC7600
Netgear ProSafe WC7520

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue