CVE-2023-38101
Published: 03 May 2024
Summary
CVE-2023-38101 is a high-severity Exposed Dangerous Method or Function (CWE-749) vulnerability in Netgear Prosafe Network Management System. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 9.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-38101 is a remote code execution vulnerability in the NETGEAR ProSAFE Network Management System, specifically within the SettingConfigController class. The flaw stems from an exposed dangerous function that permits arbitrary code execution in the context of the SYSTEM account. Although the vulnerability requires authentication, the existing mechanism can be bypassed, and it carries a CVSS score of 8.8.
Remote attackers with network access can exploit the issue to run arbitrary code on affected installations after bypassing authentication controls. Successful exploitation grants full system-level privileges on the target NETGEAR ProSAFE NMS deployment.
NETGEAR has released a security advisory addressing this and related issues under PSV-2023-0024 and PSV-2023-0025, with corresponding details also published by the Zero Day Initiative as ZDI-23-915; administrators should consult the vendor bulletin for patch availability and recommended remediation steps. The associated EPSS score remains low and unchanged at 0.0570.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-41927
Vulnerability details
NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the…
more
existing authentication mechanism can be bypassed. The specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19725.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.