CVE-2023-24498— Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.

CVSS 7.5 · High EPSS 0.21% · P43 Updated Mar 18, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-24498

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.

Source: NVD (National Vulnerability Database)

Vulnerability Description

An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

不充分的凭证保护机制

Source: NVD (National Vulnerability Database)

Vulnerability Title

Netgear ProSAFE FS726TP 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NETGEAR Netgear ProSAFE FS726TP是美国网件（NETGEAR）公司的一个无线控制器。 Netgear ProSAFE 24 Port 10/100 FS726TP版本存在安全漏洞，该漏洞源于交换机 Web 服务器中未指定的端点无法正确验证用户身份，并且可能允许将带有密码的配置页面以明文形式下载到交换机。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Netgear	ProSAFE 24 Port 10/100 FS726TP	.	-

II. Public POCs for CVE-2023-24498

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-24498

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2023-24498

Same Patch Batch · Netgear · 2023-02-15 · 4 CVEs total

CVE-2023-0848	5.3 MEDIUM	Netgear WNDR3700v2 Web Management Interface denial of service
CVE-2023-0849	4.7 MEDIUM	Netgear WNDR3700v2 Web Interface command injection
CVE-2023-0850	2.7 LOW	Netgear WNDR3700v2 Web Interface denial of service

IV. Related Vulnerabilities

Same vendor: Netgear

Same weakness: CWE-522

V. Comments for CVE-2023-24498

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-24498— Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.

I. Basic Information for CVE-2023-24498

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-24498

III. Intelligence Information for CVE-2023-24498

Same Patch Batch · Netgear · 2023-02-15 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-24498

Leave a comment