Cyber Resilience

CVE-2023-38101

High

Published: 03 May 2024

Published
03 May 2024
Modified
06 February 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0570 90.6th percentile
Risk Priority 21 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-38101 is a high-severity Exposed Dangerous Method or Function (CWE-749) vulnerability in Netgear Prosafe Network Management System. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 9.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2023-38101 is a remote code execution vulnerability in the NETGEAR ProSAFE Network Management System, specifically within the SettingConfigController class. The flaw stems from an exposed dangerous function that permits arbitrary code execution in the context of the SYSTEM account. Although the vulnerability requires authentication, the existing mechanism can be bypassed, and it carries a CVSS score of 8.8.

Remote attackers with network access can exploit the issue to run arbitrary code on affected installations after bypassing authentication controls. Successful exploitation grants full system-level privileges on the target NETGEAR ProSAFE NMS deployment.

NETGEAR has released a security advisory addressing this and related issues under PSV-2023-0024 and PSV-2023-0025, with corresponding details also published by the Zero Day Initiative as ZDI-23-915; administrators should consult the vendor bulletin for patch availability and recommended remediation steps. The associated EPSS score remains low and unchanged at 0.0570.

EU & UK References

Vulnerability details

NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the…

more

existing authentication mechanism can be bypassed. The specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19725.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

netgear
prosafe network management system
≤ 1.7.0.20

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-749

Explicitly prohibiting dangerous or unnecessary functions and services prevents exposure of methods that could be directly exploited.

addresses: CWE-749

Minimal functionality removes or avoids exposure of dangerous methods and functions.

References