CVE-2013-4775

NETGEAR ProSafe Firmware - Sensitive Information Exposure via Direct Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4775. PoCs published by Juan J. Guelfo.

AI-analyzed exploit summary This exploit leverages an information disclosure vulnerability in Netgear ProSafe devices to retrieve the startup configuration file via an unauthenticated HTTP request. The PoC connects to the target device and downloads the configuration file to a specified output file.

Description

NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.17; and GS752TXS and GS728TXS with firmware 6.1.0.12 allows remote attackers to read encrypted administrator credentials and other startup configurations via a direct request to filesystem/startup-config.

Exploits (1)

exploitdb WORKING POC

by Juan J. Guelfo · pythonwebappshardware

https://www.exploit-db.com/exploits/27774

View Code ZIP pw:eip

This exploit leverages an information disclosure vulnerability in Netgear ProSafe devices to retrieve the startup configuration file via an unauthenticated HTTP request. The PoC connects to the target device and downloads the configuration file to a specified output file.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Netgear ProSafe (multiple models, version not specified)

No auth needed

Prerequisites: Network access to the target device · HTTP admin interface accessible on the specified port

MITRE ATT&CK

T1083 - File and Directory Discovery T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit x_refsource_misc

http://www.encripto.no/forskning/whitepapers/Netgear_prosafe_advisory_aug_2013.pdf

Scores

EPSS 0.1496

EPSS Percentile 96.3%

Details

CWE

CWE-200

Status published

Products (17)

netgear/prosafe_firmware 5.3.0.17

netgear/prosafe_firmware 5.0.4.4

netgear/prosafe_firmware 5.4.0.6

netgear/prosafe_firmware 5.4.1.10

netgear/prosafe_firmware 6.1.0.12

netgear/prosafe_firmware 5.4.1.13

netgear/prosafe_firmware < 5.4.1.13

netgear/prosafe_gs510tp

netgear/prosafe_gs724t v3

netgear/prosafe_gs725ts

... and 7 more

Published Dec 19, 2013

Tracked Since Feb 18, 2026