NETGEAR ProSAFE NMS Default MySQL Credentials Local Priv Esc
CVE-2024-5245 Published on May 23, 2024
NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability
NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the product installer. The issue results from the use of default MySQL credentials. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22755.
Weakness Type
Products Associated with CVE-2024-5245
Want to know whenever a new CVE is published for Netgear Prosafe Network Management System? stack.watch will email you.
Affected Versions
NETGEAR ProSAFE Network Management System:- Version 1.7.0.34 x64 is affected.
- Version 1.7.0.34 x64 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.