VAR-201204-0035
Vulnerability from variot - Updated: 2025-04-11 23:20The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors. Netgear FVS318N Has an issue where remote administration is enabled by default. An attacker can bypass the restrictions and access the device management web interface. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Prosafe Fvs318n is prone to a remote security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "prosafe fvs318n",
"scope": "eq",
"trust": 1.9,
"vendor": "netgear",
"version": null
},
{
"model": "prosafe wireless-n 8-port gigabit vpn firewall fvs318n",
"scope": null,
"trust": 0.9,
"vendor": "netgear",
"version": null
},
{
"model": "fvs318n",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "BID",
"id": "78198"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netgear:prosafe_fvs318n",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Barker of Electrosonics, Inc",
"sources": [
{
"db": "BID",
"id": "52853"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2439",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2439",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-55720",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2439",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2439",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-540",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-55720",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55720"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors. Netgear FVS318N Has an issue where remote administration is enabled by default. An attacker can bypass the restrictions and access the device management web interface. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Prosafe Fvs318n is prone to a remote security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2439"
},
{
"db": "CERT/CC",
"id": "VU#928795"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "BID",
"id": "78198"
},
{
"db": "VULHUB",
"id": "VHN-55720"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#928795",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2012-2439",
"trust": 2.8
},
{
"db": "BID",
"id": "52853",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-1722",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486",
"trust": 0.6
},
{
"db": "BID",
"id": "78198",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55720",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#928795"
},
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "VULHUB",
"id": "VHN-55720"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "BID",
"id": "78198"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"id": "VAR-201204-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "VULHUB",
"id": "VHN-55720"
}
],
"trust": 1.3111111
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1722"
}
]
},
"last_update_date": "2025-04-11T23:20:41.628000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FVS318N",
"trust": 0.8,
"url": "http://www.netgear.com/business/products/security/wireless-VPN-firewalls/FVS318N.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55720"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "http://www.kb.cert.org/vuls/id/928795"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2439"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu928795"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2439"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/52853"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/business/products/security/wireless-vpn-firewalls/fvs318n.aspx"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#928795"
},
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "VULHUB",
"id": "VHN-55720"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "BID",
"id": "78198"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#928795"
},
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "VULHUB",
"id": "VHN-55720"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "BID",
"id": "78198"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-02T00:00:00",
"db": "CERT/CC",
"id": "VU#928795"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"date": "2012-04-28T00:00:00",
"db": "VULHUB",
"id": "VHN-55720"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52853"
},
{
"date": "2012-04-27T00:00:00",
"db": "BID",
"id": "78198"
},
{
"date": "2012-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"date": "2012-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"date": "2012-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"date": "2012-04-28T00:55:01.267000",
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-03T00:00:00",
"db": "CERT/CC",
"id": "VU#928795"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"date": "2012-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-55720"
},
{
"date": "2012-04-02T00:00:00",
"db": "BID",
"id": "52853"
},
{
"date": "2012-04-27T00:00:00",
"db": "BID",
"id": "78198"
},
{
"date": "2012-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001989"
},
{
"date": "2012-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"date": "2012-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-540"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-2439"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N Router Security Bypass Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1722"
},
{
"db": "BID",
"id": "52853"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-486"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-540"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…