Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2). Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.7%.
Netgear
Java
File Upload
Prosafe Network Management Software 300
NVD
Exploit-DB
CVSS 3.0
9.6
EPSS
65.7%
Threat
5.4