CVE-2017-2137 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2017-2137

CWE

https://cwe.mitre.org/data/definitions/.html

ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote attackers to bypass access restriction and change configurations of the switch via SOAP requests.

Affected Software

Name	Vendor	Start Version	End Version
Prosafe_plus_configuration_utility	Netgear	*	2.3.28 (including)

References

http://jvn.jp/en/jp/JVN08740778/index.html
https://kb.netgear.com/000038443/Security-Advisory-for-Insecure-SOAP-Access-in-ProSAFE-Plus-Configuration-Utility-PSV-2017-1997
http://jvn.jp/en/jp/JVN08740778/index.html
https://kb.netgear.com/000038443/Security-Advisory-for-Insecure-SOAP-Access-in-ProSAFE-Plus-Configuration-Utility-PSV-2017-1997