CVE-2021-35226
Published 2022-10-10
Priority P3 · 35 · medium · CVSS 3.1: 6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.45% (35.6th percentile)
An entity in the Network Configuration Manager product is misconfigured and exposes the password field to the SolarWinds Information Service (SWIS). Exposed credentials are encrypted, and reaching them requires authenticated access with an NCM role.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | network_configuration_manager | <= 2020.2.5 | — |
| solarwinds | network_configuration_manager | >= 2020.2.5 and previous version < 2020.2.5 | 2020.2.5 |
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 0a|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031945; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
Suricata
ET EXPLOIT Possible NSDP (Netgear) Unauthenticated Write Access to DHCP Config (CVE-2020-35226)
suricata·2021-03-11·CVSS 7.1
CVE-2020-35226 [HIGH] ET EXPLOIT Possible NSDP (Netgear) Unauthenticated Write Access to DHCP Config (CVE-2020-35226)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Unauthenticated Write Access to DHCP Config (CVE-2020-35226)"; content:"|00 0b 00|"; content:"|ff ff 00 00|"; distance:2; within:4; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031940; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35226, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_03_11;
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 03|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031943; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 05|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031944; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
No public exploits indexed.
No writeups or analysis indexed.