Vulnerabilities > CVE-2014-4864 - Credentials Management vulnerability in Netgear Prosafe Firmware
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 7 |
Common Weakness Enumeration (CWE)
Packetstorm
data source | https://packetstormsecurity.com/files/download/135480/netgearGS105Ev2-xssbypassxsrf.txt |
id | PACKETSTORM:135480 |
last seen | 2016-12-05 |
published | 2016-01-28 |
reporter | Benedikt Westermann |
source | https://packetstormsecurity.com/files/135480/Netgear-GS105Ev2-Authentication-Bypass-XSS-CSRF.html |
title | Netgear GS105Ev2 Authentication Bypass / XSS / CSRF |