First published: Wed Nov 29 2023(Updated: )
NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code.
Credit: vulnreport@tenable.com
Affected Software | Affected Version | How to fix |
---|---|---|
NETGEAR ProSAFE Network Management System | <1.7.0.34 |
The issue has been fixed in NMS300 version 1.7.0.31
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-49693 is a vulnerability in NETGEAR ProSAFE Network Management System that allows remote code execution by unauthenticated users.
The severity of CVE-2023-49693 is critical with a severity score of 9.8.
CVE-2023-49693 affects NETGEAR ProSAFE Network Management System by exposing Java Debug Wire Protocol (JDWP) on port 11611 and allowing remote access by unauthenticated users.
Attackers can exploit CVE-2023-49693 by executing arbitrary code through the remotely accessible Java Debug Wire Protocol (JDWP).
Yes, a fix for CVE-2023-49693 is available. Please refer to the provided references for more information on how to mitigate the vulnerability.