Does the firewall involve Netgear VPN SQL injection vulnerability (CVE-2022-29383)
- Vulnerability scan
- Vulnerability related
- Firewall M9000 Series, M9000-S Series, M9000-X Series, M9000-AI Series
- NGFW Firewall
2025-06-25 10:05:02
Published
- 0 Followed
- 0Collected ,147Browsed
Problem Description
The Netgear ProSafe VPN firewall is a security appliance developed by NETGEAR Inc., featuring a WEB interface for device management. NETGEAR ProSafe SSL VPN firmware versions FVS336Gv2 and FVS336Gv3 were found to have an SQL injection vulnerability. Attackers could exploit this vulnerability through the USERDBDomains.Domainname parameter in cgi-bin/platform.cgi to perform SQL injection and access sensitive information in the database.
Process Analysis
Not available
Solution
Not involved