Vulnerability Details CVE-2017-2137
ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attackers to bypass access restriction and change configurations of the switch via SOAP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.1%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
References
- http://jvn.jp/en/jp/JVN08740778/index.html
- https://kb.netgear.com/000038443/Security-Advisory-for-Insecure-SOAP-Access-in-ProSAFE-Plus-Configuration-Utility-PSV-2017-1997
- http://jvn.jp/en/jp/JVN08740778/index.html
- https://kb.netgear.com/000038443/Security-Advisory-for-Insecure-SOAP-Access-in-ProSAFE-Plus-Configuration-Utility-PSV-2017-1997
Products affected by CVE-2017-2137
-
cpe:2.3:a:netgear:prosafe_plus_configuration_utility:2.3.28