VDB

GCVE-110-CERTCC-2015-777024

GCVE-110-CERTCC-2015-777024
Advisory PublishedCVSS 8.3/10
Vulnetix · Advisory published February 3, 2016
Netgear Management System NMS300, version 1.5.0.11 and earlier, is vulnerable to arbitrary file upload, which may be leveraged by unauthenticated users to execute arbitrary code with SYSTEM privileges. A directory traversal vulnerability enables authenticated users to download arbitrary files.

Risk Scores

CVSS 2.0
8.3/10
High · AV:A/AC:L/Au:N/C:C/I:C/A:C
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_impact4d1_population2d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score7.5remediation_levelUreport_confidenceCenvironmental_score5.622622822656target_distributionMenvironmental_vectorCDP:ND/TD:M/CR:ND/IR:ND/AR:ND

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›