Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-29383

EPSS 75.25% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-29383

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NETGEAR FVS336G是美国网件(NETGEAR)公司的一款VPN(虚拟私人网络)防火墙路由器。 NETGEAR ProSafe SSL VPN firmware FVS336Gv2 和FVS336Gv3版本存在安全漏洞,该漏洞源于cgi-bin/platform.cgi中的USERDBDomains.Domainname缺少过滤转义,攻击者利用该漏洞可进行SQL注入攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2022-29383

#POC DescriptionSource LinkShenlong Link
1Nonehttps://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383POC Details
2Nonehttps://github.com/cxaqhq/netgear-to-CVE-2022-29383POC Details
3NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29383.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-29383

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-05-13 · 49 CVEs total

CVE-2022-258658.1 HIGHCommand Injection
CVE-2022-211907.5 HIGHPrototype Pollution
CVE-2022-258624.0 MEDIUMPrototype Pollution
CVE-2021-42969Anaconda3 操作系统命令注入漏洞
CVE-2022-30396Merchandise Online Store SQL注入漏洞
CVE-2020-22983MicroStrategy Web SDK 代码问题漏洞
CVE-2022-30371Air Cargo Management System SQL注入漏洞
CVE-2022-30373Air Cargo Management System SQL注入漏洞
CVE-2022-30372Air Cargo Management System SQL注入漏洞
CVE-2022-30374Air Cargo Management System SQL注入漏洞
CVE-2022-30378Simple Social Networking Site SQL注入漏洞
CVE-2022-30376Simple Social Networking Site SQL注入漏洞
CVE-2022-30375Simple Social Networking Site 安全漏洞
CVE-2022-30403Merchandise Online Store SQL注入漏洞
CVE-2022-30402Merchandise Online Store SQL注入漏洞
CVE-2022-30401Merchandise Online Store SQL注入漏洞
CVE-2022-30400Merchandise Online Store SQL注入漏洞
CVE-2022-30399Merchandise Online Store SQL注入漏洞
CVE-2022-30398Merchandise Online Store SQL注入漏洞
CVE-2021-42967novel-plus 代码问题漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2022-29383

No comments yet

Leave a comment