Reported critical vulnerabilities reside in the Netgear's ProSafe NMS300 Model (Network Management System) – a centralized and comprehensive management application for network administrators that enables them to discover, monitor, configure, and report on SNMP-based enterprise-class network devices.
SNMP (Simple Network Management Protocol) is a network management protocol which facilitates Netgear's ProSafe NMS300 application to gather data from various network devices such as servers, printers, hubs, switches, and routers.
Remotely collected data includes CPU load, routing tables, and network traffic statistics.
A joint security dug conducted by Pedro Ribeiro (Security Researcher of UK Based firm Agile Information) along with CERT Committee divulged the vulnerabilities in the web interface of the router that could allow attackers to:
- Upload and Execute any malicious file remotely (CVE-2016-1524)
- Download any file from Server (CVE-2016-1525)
Unauthorized Arbitrary File Upload Flaw: This flaw comes with the default installation of NMS300, allowing an unauthorized attacker to upload an arbitrary file and execute (Remote Code Execution) malicious code with SYSTEM privileges.
Upload location: https://
Upload location: https:// :8080/lib-1.0/external/flash/fileUpload.do
Execurition Location: https:// :8080/null
The security vulnerabilities affect Netgear Management System NMS300, version 220.127.116.11 and earlier.
How to Protect Your Network from Hackers
Since there are no patches yet available from Netgear to fix these vulnerabilities, the only solution that network admins could implement here is strengthening the firewall policy by restricting the untrusted sources.
Network administrators are strongly encouraged to monitor network-based services or protocols on a continuous basis using security monitoring solutions like AlienVault Unified Security Management (USM), which also includes intrusion detection (IDS) and real-time threat intelligence to help administrators to quickly
Netgear had not yet commented to this issue.