NETGEAR ReadyNAS Surveillance Command Execution

Added: 08/30/2016
CVE: CVE-2016-5674
BID: 92318

Background

NETGEAR ReadyNAS Surveillance combines NETGEAR's storage and switching solution (the NETGEAR ReadyNAS Network Attached Storage system) with network video recording software from NUUO to provide an affordable surveillance solution for small businesses.

Problem

The web interface of NETGEAR ReadyNAS Surveillance contains a hidden file named __debugging_center_utils___.php that does not properly sanitize user input before passing it to the PHP system() call. Successful exploitation results in command execution as the admin user.
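
One way to check web-server access logs for requests to the hidden file named above. This is an added example, not code from the advisory or the vendor. Only the file name comes from this page; the combined log format, the constructed sample lines and the function names are assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

# File name from the advisory; log format and sample data are assumptions.
DEBUG_FILE = "__debugging_center_utils___.php"

# Common/combined access log: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges, placeholder query string).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Aug/2016:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [30/Aug/2016:10:02:13 +0000] "GET /__debugging_center_utils___.php?placeholder=1 HTTP/1.1" 200 48 "-" "curl/7.47"',
    '198.51.100.7 - - [30/Aug/2016:10:02:20 +0000] "GET /%5F%5Fdebugging_center_utils___.php HTTP/1.1" 404 0 "-" "curl/7.47"',
    '203.0.113.5 - - [30/Aug/2016:10:05:00 +0000] "GET /notes/__debugging_center_utils___.php.txt HTTP/1.1" 404 0 "-" "-"',
]

def decoded_path(target, rounds=3):
    """Lower-cased request path with up to `rounds` layers of percent-encoding removed."""
    path = urlsplit(target).path
    for _ in range(rounds):
        nxt = unquote(path)
        if nxt == path:
            break
        path = nxt
    return path.lower()

def find_debug_hits(lines):
    """Yield one record per request that has the debug file as a path segment."""
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed log format
        # Segment match also catches PATH_INFO forms such as /file.php/extra.
        if DEBUG_FILE in decoded_path(m["target"]).split("/"):
            yield {"line": n, "ip": m["ip"], "time": m["time"],
                   "status": int(m["status"]),
                   "has_query": bool(urlsplit(m["target"]).query)}

if __name__ == "__main__":
    for hit in find_debug_hits(SAMPLE_LOG):
        print(hit)
```

Any hit deserves review, since normal use of the web interface has no reason to request a hidden debugging file; a 200 status with a query string is the higher-priority case.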

Resolution

Contact the vendor for a software upgrade or find a different solution.

References

https://www.exploit-db.com/exploits/40200/

Limitations

Exploit works on NETGEAR ReadyNAS Surveillance v1.1.1 to v1.4.1.

Platforms

Linux
