{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-38102", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-07-12T15:22:20.618Z", "datePublished": "2024-05-03T01:59:03.692Z", "dateUpdated": "2024-09-18T18:29:35.218Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-09-18T18:29:35.218Z"}, "title": "NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability", "descriptions": [{"lang": "en", "value": "NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the createUser function. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-19726."}], "affected": [{"vendor": "NETGEAR", "product": "ProSAFE Network Management System", "versions": [{"version": "1.7.0.12 (Win64)", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/", "name": "ZDI-23-914", "tags": ["x_research-advisory"]}, {"url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-07-12T10:35:24.863-05:00", "datePublic": "2023-07-13T14:51:59.417-05:00", "source": {"lang": "en", "value": "Steven Seeley of Source Incite"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38102", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-06T18:22:10.679621Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:netgear:prosafe_network_management_system:*:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "prosafe_network_management_system", "versions": [{"status": "affected", "version": "0", "lessThan": "1.7.0.20", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:28:07.596Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:30:14.071Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/", "name": "ZDI-23-914", "tags": ["x_research-advisory", "x_transferred"]}, {"url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025", "name": "vendor-provided URL", "tags": ["vendor-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/", "name": "ZDI-23-914", "tags": ["x_research-advisory", "x_transferred"]}, {"url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025", "name": "vendor-provided URL", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:30:14.071Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38102", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-06T18:22:10.679621Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:netgear:prosafe_network_management_system:*:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "prosafe_network_management_system", "versions": [{"status": "affected", "version": "0", "lessThan": "1.7.0.20", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-06T18:23:11.946Z"}}], "cna": {"title": "NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability", "source": {"lang": "en", "value": "Steven Seeley of Source Incite"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "NETGEAR", "product": "ProSAFE Network Management System", "versions": [{"status": "affected", "version": "1.7.0.12 (Win64)"}], "defaultStatus": "unknown"}], "datePublic": "2023-07-13T14:51:59.417-05:00", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/", "name": "ZDI-23-914", "tags": ["x_research-advisory"]}, {"url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2023-07-12T10:35:24.863-05:00", "descriptions": [{"lang": "en", "value": "NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the createUser function. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-19726."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-09-18T18:29:35.218Z"}}}, "cveMetadata": {"cveId": "CVE-2023-38102", "state": "PUBLISHED", "dateUpdated": "2024-09-18T18:29:35.218Z", "dateReserved": "2023-07-12T15:22:20.618Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2024-05-03T01:59:03.692Z", "assignerShortName": "zdi"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netgear:prosafe_network_management_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "576FE1E0-1CDF-44E3-BB14-489F9DE371CE", "versionEndExcluding": "1.7.0.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the createUser function. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-19726."}, {"lang": "es", "value": "Vulnerabilidad de escalada de privilegios de autorizaci\u00f3n faltante de creaci\u00f3n del sistema de gesti\u00f3n de red NETGEAR ProSAFE. Esta vulnerabilidad permite a atacantes remotos escalar privilegios en las instalaciones afectadas de NETGEAR ProSAFE Network Management System. Aunque se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad, se puede omitir el mecanismo de autenticaci\u00f3n existente. La falla espec\u00edfica existe dentro de la funci\u00f3n createUser. El problema se debe a la falta de autorizaci\u00f3n antes de permitir el acceso a la funcionalidad. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios a recursos normalmente protegidos del usuario. Era ZDI-CAN-19726."}], "id": "CVE-2023-38102", "lastModified": "2025-02-06T18:00:50.560", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-03T02:15:53.147", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025"}, {"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.netgear.com/000065707/Security-Advisory-for-Multiple-Vulnerabilities-on-the-ProSAFE-Network-Management-System-PSV-2023-0024-PSV-2023-0025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-914/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}

{}