NETGEAR ProSafe Network Management System 300 Arbitrary File Upload
Posted by deepcore on March 1, 2016 – 3:41 pm
Netgear’s ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file upload vulnerability that can be exploited by an unauthenticated remote attacker to execute code as the SYSTEM user. Two servlets are vulnerable, FileUploadController (located at /lib-1.0/external/flash/fileUpload.do) and FileUpload2Controller (located at /fileUpload.do). This Metasploit module exploits the latter, and has been tested with versions 1.5.0.2, 1.4.0.17 and 1.1.0.13.
Post a reply
You must be logged in to post a comment.