Rewterz Threat Advisory – CVE-2021-42648 – Node.js code-server module Vulnerability
May 17, 2022Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
May 17, 2022Rewterz Threat Advisory – CVE-2021-42648 – Node.js code-server module Vulnerability
May 17, 2022Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
May 17, 2022Severity
Medium
Analysis Summary
CVE-2022-29383
NETGEAR ProSafe FVS336Gv2 and NETGEAR ProSafe FVS336Gv3 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to USERDBDomains.Domain name in cgi-bin/platform.cgi, which could allow the attacker to view, add, modify or delete information in the back-end database.
Impact
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2022-29383
Affected Vendors
- NETGEAR
Affected Products
- NETGEAR ProSafe FVS336Gv2
- NETGEAR ProSafe FVS336Gv3
Remediation
Upgrade to the latest version of NETGEAR, available from the NETGEAR WebSite.