VDB
GCVE-110-CERTCC-2015-777024
GCVE-110-CERTCC-2015-777024
Advisory PublishedCVSS 8.3/10
Netgear Management System NMS300, version 1.5.0.11 and earlier, is vulnerable to arbitrary file upload, which may be leveraged by unauthenticated users to execute arbitrary code with SYSTEM privileges. A directory traversal vulnerability enables authenticated users to download arbitrary files.
Risk Scores
CVSS 2.0
8.3/10
High · AV:A/AC:L/Au:N/C:C/I:C/A:C
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_impact4d1_population2d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score7.5remediation_levelUreport_confidenceCenvironmental_score5.622622822656target_distributionMenvironmental_vectorCDP:ND/TD:M/CR:ND/IR:ND/AR:ND
Aliases
References
Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
url
Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
url
Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
url
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.