漏洞描述
Netgear ProSafe NMS300存在任意文件上传漏洞。该漏洞是由于image.do对用户访问控制不当,并存在输入校验错误导致。
Netgear ProSAFE NMS300 image.do目录遍历漏洞
PoC代码
暂无相关漏洞推荐
- POC gradio-image-ssrf: Gradio Image Component - Server-Side Request Forgery
- Tautulli /image/images 目录遍历漏洞(CVE-2025-58760)
- Tautulli /real_pms_image_proxy 目录遍历漏洞(CVE-2025-58761)
- Wordpress Plugin Eventin /wp-admin/admin-ajax.php proxy_image 文件读取漏洞(CVE-2025-3419)
- POC PageOffice /sealimage.zz 文件读取漏洞
- POC Smartbi /imageimport.jsp 存在任意文件上传
- wordpress-ext-adaptive-images-lfi: Wordpress Ext Adaptive Images lfi
- easyimage-download-upload: EasyImage manager.php 后台任意文件上传漏洞
- mojoPortal imagehandler存在任意文件读取漏洞
- POC CVE-2016-1000129: WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting
- POC CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload
- POC CVE-2020-26919: NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution
- POC CVE-2021-20167: Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun