CVE-2024-5246

HIGH

Netgear Prosafe Network Management So... - Remote Code Execution

Title source: rule

Description

NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from the use of a vulnerable version of Apache Tomcat. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22868.

Exploits (1)

nomisec WORKING POC 2 stars
by Abdurahmon3236 · poc
https://github.com/Abdurahmon3236/CVE-2024-5246

References (2)

Scores

CVSS v3 8.8
EPSS 0.7471
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
netgear/prosafe_network_management_software_300 1.7.0.37
Published May 23, 2024
Tracked Since Feb 18, 2026