1.6.0.18

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-03	CVE-2023-38098	Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability. network low complexity netgear	8.8
2024-05-03	CVE-2023-38099	Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability. network low complexity netgear	8.8
2024-05-03	CVE-2023-38100	Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability. network low complexity netgear	8.8
2024-05-03	CVE-2023-38101	Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. network low complexity netgear	8.8
2024-05-03	CVE-2023-38102	Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability. network low complexity netgear	8.8
2023-11-29	CVE-2023-49693	Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. network low complexity netgear CWE-306 critical	9.8
2023-11-29	CVE-2023-49694	Unspecified vulnerability in Netgear Prosafe Network Management System A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. local low complexity netgear	7.8