NetGear FVS318 ProSafe VPN Firewall Switch Multiple Vulnerabilities
BID:12278
Info
| Bugtraq ID: | 12278 |
| Class: | Input Validation Error |
| CVE: | CVE-2005-0290 CVE-2005-0291 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 17 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | Discovery is credited to Paul Kurczaba <[email protected]>. |
| Vulnerable: | NetGear FVS318v2 2.4, NetGear FVS318 2.4 |
| Not Vulnerable: | |
Discussion
NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks.
The following issues were identified:
- It is reported that an attacker can bypass URI filters of the device.
- The URI filter log viewer is reported prone to a cross-site scripting vulnerability.
The research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4; however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available.
Exploit / POC
An exploit is not required.
The following proof of concept is available:
Filter Bypass:
Replace the 'x' in '.exe' with its percent-encoded form '%78', giving '.e%78e'.
Cross-site scripting:
http://www.example.com/somefile.exe</textarea><script>alert('XSS')</script>
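Both issues come down to handling the requested URI as an unprocessed string: the filter compares keywords against the encoded form, and the log viewer writes the logged URI into HTML as-is. The following is an added example, not code from the advisory or from NetGear firmware, showing the two corresponding checks: percent-decoding to a stable form before keyword matching, and HTML-escaping a log entry before display. The function names, the blocked keyword list and the encoded sample URL are assumptions constructed for illustration.

```python
import html
from urllib.parse import unquote

BLOCKED_KEYWORDS = [".exe"]  # assumed filter configuration (constructed)

def naive_blocked(url):
    """Keyword match on the raw URI; misses percent-encoded equivalents."""
    return any(k in url.lower() for k in BLOCKED_KEYWORDS)

def canonicalize(url, max_rounds=3):
    """Percent-decode until the string stops changing, then lowercase it.

    Returns None if the URI is still changing after max_rounds, so the
    caller can fail closed on deeply nested encodings.
    """
    current = url
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            return decoded.lower()
        current = decoded
    return None

def hardened_blocked(url):
    """Keyword match on the canonical form; unresolved encodings are blocked."""
    canon = canonicalize(url)
    return canon is None or any(k in canon for k in BLOCKED_KEYWORDS)

def render_log_entry(url):
    """Escape the logged URI so it stays inert text inside the log viewer."""
    return html.escape(url, quote=True)

if __name__ == "__main__":
    # Constructed sample built from the substitution described above.
    encoded = "http://www.example.com/somefile.e%78e"
    # Sample URI taken from the proof of concept above.
    logged = ("http://www.example.com/somefile.exe"
              "</textarea><script>alert('XSS')</script>")
    print("naive filter blocks encoded URI:   ", naive_blocked(encoded))
    print("hardened filter blocks encoded URI:", hardened_blocked(encoded))
    print("escaped log entry:", render_log_entry(logged))
```
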
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
References:
- Model FVS318 Product Page (Netgear)
- Multiple Vulnerabilities in Netgear FVS318 Router (Paul Kurczaba)