CVE-2023-41183— NETGEAR Orbi RBS760 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2023-41183の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SOAP API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20524.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
关键功能的认证机制缺失
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
NETGEAR Orbi RBS760 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
NETGEAR Orbi RBS760是美国网件(NETGEAR)公司的一款无线接入点。 NETGEAR Orbi RBS760 存在安全漏洞,该漏洞源于SOAP API存在身份验证绕过漏洞。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2023-41183の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2023-41183のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · NETGEAR · 2024-05-03 · 31 CVEs total
| CVE-2023-40479 | NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability | |
| CVE-2023-34283 | NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability | |
| CVE-2023-34285 | NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulner | |
| CVE-2023-34284 | NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability | |
| CVE-2023-50231 | NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Esc | |
| CVE-2023-27358 | NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability | |
| CVE-2023-27368 | NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability | |
| CVE-2023-27360 | NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability | |
| CVE-2023-27357 | NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability | |
| CVE-2023-27361 | NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulne | |
| CVE-2023-27356 | NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability | |
| CVE-2023-27369 | NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerabilit | |
| CVE-2023-27370 | NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability | |
| CVE-2023-27367 | NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability | |
| CVE-2023-40478 | NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerab | |
| CVE-2023-35721 | NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution V | |
| CVE-2023-40480 | NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability | |
| CVE-2023-44449 | NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalati | |
| CVE-2023-44450 | NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote | |
| CVE-2023-44445 | NETGEAR CAX30 SSO Stack-based Buffer Overflow Remote Code Execution Vulnerability |
Showing 20 of 31 CVEs. View all on vendor page →
IV. 関連脆弱性
同じベンダー: NETGEAR
- CVE-2026-24714
NETGEAR PR2000 安全漏洞 - CVE-2026-0404
Insufficient input validation in NETGEAR Orbi routers - CVE-2026-0408
Path traversal vulnerability in Netgear WiFi Range Extenders - CVE-2026-0407
Authentication bypass in NETGEAR WiFi Range Extenders via ne - CVE-2026-0406
Insufficient input validation in NETGEAR Nighthawk router XR
同じ弱点: CWE-306
- CVE-2021-47940
WordPress Download From Files 1.48 Arbitrary File Upload - CVE-2021-47936
OpenCATS 0.9.4 Remote Code Execution via Resume Upload - CVE-2021-47933
WordPress MStore API 2.0.6 Arbitrary File Upload - CVE-2026-8185
UGREEN CM933 Administrative missing authentication - CVE-2026-42302
FastGPT: Unauthenticated Remote Code Execution (RCE) via cod
V. CVE-2023-41183へのコメント
まだコメントはありません