Vulnerability Description
cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Ssl312 | - |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2009-02/0084.html
- http://secunia.com/advisories/33896Vendor Advisory
- http://www.helith.net/txt/netgear_ssl312_remote_dos.txtExploit
- http://www.securityfocus.com/bid/33675Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48605
- https://www.exploit-db.com/exploits/8008
- http://archives.neohapsis.com/archives/fulldisclosure/2009-02/0084.html
- http://secunia.com/advisories/33896Vendor Advisory
- http://www.helith.net/txt/netgear_ssl312_remote_dos.txtExploit
- http://www.securityfocus.com/bid/33675Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48605
- https://www.exploit-db.com/exploits/8008
FAQ
What is CVE-2009-0680?
CVE-2009-0680 is a vulnerability with a CVSS score of 7.8 (HIGH). cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversa...
How severe is CVE-2009-0680?
CVE-2009-0680 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0680?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Ssl312.