1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Critical Flaws Found in NETGEAR Network Management System

Discussion in 'The Hacker News' started by RSS, Feb 5, 2016.

  1. RSS

    RSS New Member Member

    Netgear, one of the most popular router manufacturers, has been vulnerable to two different flaws that could allow hackers to compromise your corporate network and connected devices.

    Reported critical vulnerabilities reside in the Netgear's ProSafe NMS300 Model (Network Management System) – a centralized and comprehensive management application for network administrators that enables them to discover, monitor, configure, and report on SNMP-based enterprise-class network devices.

    SNMP (Simple Network Management Protocol) is a network management protocol which facilitates Netgear's ProSafe NMS300 application to gather data from various network devices such as servers, printers, hubs, switches, and routers.

    Remotely collected data includes CPU load, routing tables, and network traffic statistics.

    Serious Flaws in Network Management System

    A joint security dug conducted by Pedro Ribeiro (Security Researcher of UK Based firm Agile Information) along with CERT Committee divulged the vulnerabilities in the web interface of the router that could allow attackers to:
    • Upload and Execute any malicious file remotely (CVE-2016-1524)
    • Download any file from Server (CVE-2016-1525)
    Unauthorized Arbitrary File Upload Flaw: This flaw comes with the default installation of NMS300, allowing an unauthorized attacker to upload an arbitrary file and execute (Remote Code Execution) malicious code with SYSTEM privileges.
    Upload location: http://:8080/fileUpload.do
    Upload location: http://:8080/lib-1.0/external/flash/fileUpload.do
    Execurition Location: http://:8080/null​
    Directory Traversal Attack: This vulnerability allows authenticated users to read and download any restricted file by manipulating ‘realName’ parameter of POST request to http://:8080/data/config/image.do?method=add URL.

    The security vulnerabilities affect Netgear Management System NMS300, version and earlier.

    How to Protect Your Network from Hackers

    Since there are no patches yet available from Netgear to fix these vulnerabilities, the only solution that network admins could implement here is strengthening the firewall policy by restricting the untrusted sources.

    As threats continue to evolve and increase in volume and frequency, you can no longer rely on static network security monitoring.

    Network administrators highly recommended to monitor network-based services or protocols on a continuous basis using any Security monitoring solutions, like AlienVault Unified Security Management (USM), which also includes Intrusion detection (IDS) and Real-time threat intelligence to help administrators to identify quickly and remediate threats your network.

    Netgear had not yet commented to this issue.​

    Continue reading...

Share This Page