漏洞描述
Netgear Management System NMS300是美国网件(NetGear)公司的一套用于诊断、控制和优化网络设备的网络管理系统。 Netgear Management System NMS300 1.5.0.11及之前版本中存在任意文件上传漏洞。远程攻击者可通过使用fileUpload.do或lib-1.0/external/flash/fileUpload.do文件上传JSP文件,并发送直接的请求访问该文件利用该漏洞执行任意Java代码。
Netgear Management System NMS300 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- Code-Projects Refugee Food Management System SQL注入漏洞
- CampCodes Supplier Management System SQL注入漏洞
- Code-Projects College Notes Uploading System SQL注入漏洞
- Code-Projects Assessment Management SQL注入漏洞
- itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
- (CVE-2025-15011)Simple Stock System 1.0 logout.php SQL注入漏洞
- POC CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- 中成科信票务管理系统 /SystemManager/Api/TicketManager.ashx SQL 注入漏洞
- 新视窗新一代物业管理系统 /OfficeManagement/RegisterManager/Report/Training/Report/GetprintData.asmx SQL 注入漏洞
- 泛微e-office /E-mobile/App/System/UserSelect/dept.php 未授权访问漏洞
- School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- (CVE-2021-4462)Employee Records System 1.0任意文件上传漏洞