Scan free
HIGHCVE-2024-5505CVSS 8.8

CVE-2024-5505: RCE in NETGEAR ProSAFE Network Management System

Platform

netgear

Component

netgear-prosafe-network-management-system

Fixed in

1.7.1

AI Confidence: highNVDEPSS 76.0%Reviewed: May 2026
View on NVD
Save

CVE-2024-5505 is a Remote Code Execution (RCE) vulnerability affecting the NETGEAR ProSAFE Network Management System. This flaw allows authenticated attackers to execute arbitrary code on vulnerable systems, potentially leading to complete system compromise. The vulnerability impacts versions 1.7.0.34–1.7.0.34 x64. A fix is pending from NETGEAR.

Impact and Attack Scenarios

The primary impact of CVE-2024-5505 is the ability for an authenticated attacker to execute arbitrary code on the affected NETGEAR ProSAFE Network Management System. This means an attacker could gain full control of the device, potentially accessing sensitive network configurations, user credentials, and other data. Successful exploitation could allow for lateral movement within the network, enabling the attacker to compromise other connected devices. The SYSTEM context under which the code executes grants a high level of privilege, maximizing the potential damage. This vulnerability shares similarities with other file upload vulnerabilities where insufficient path validation allows for traversal and code execution.

Exploitation Context

CVE-2024-5505 was reported to ZDI (ZDI-CAN-22724) and subsequently disclosed publicly on 2024-06-06. The vulnerability's CVSS score of 8.8 (HIGH) indicates a significant risk. Currently, there are no publicly available exploits, but the ease of exploitation (requiring only authentication) suggests a medium probability of exploitation. It is not currently listed on CISA KEV, but this could change. Monitor security advisories from NETGEAR and security news sources for updates.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown
CISA KEVNO
Internet ExposureHigh

EPSS

76.00% (99% percentile)

CISA SSVC

Exploitationnone
Automatableno
Technical Impacttotal

CVSS Vector

THREAT INTELLIGENCE· CVSS 3.1CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H8.8HIGHAttack VectorNetworkHow the attacker reaches the targetAttack ComplexityLowConditions required to exploitPrivileges RequiredLowAuthentication level needed to attackUser InteractionNoneWhether a victim must take actionScopeUnchangedImpact beyond the vulnerable componentConfidentialityHighRisk of sensitive data exposureIntegrityHighRisk of unauthorized data modificationAvailabilityHighRisk of service disruptionnextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
Low — any valid user account is sufficient. Basic authenticated access required.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Componentnetgear-prosafe-network-management-system
VendorNETGEAR
Affected rangeFixed in
1.7.0.34 x64 – 1.7.0.34 x641.7.1

Weakness Classification (CWE)

CWE-22

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
Unpatched — 717 days since disclosure

Mitigation and Workarounds

While a direct patch is pending, several mitigation steps can reduce the risk. First, restrict network access to the NETGEAR ProSAFE Network Management System to only trusted sources. Implement strict firewall rules to limit inbound connections. Monitor file uploads closely, looking for suspicious filenames or extensions. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests. If possible, temporarily disable the UpLoadServlet functionality. After a fix is released, upgrade to the patched version immediately and verify the fix by attempting a file upload with a known malicious path to ensure it is blocked.

How to fix

Update the NETGEAR ProSAFE Network Management System to a version that is not vulnerable. Refer to the vendor's website for the latest version and update instructions.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2024-5505 — RCE in NETGEAR ProSAFE Network Management System?

CVE-2024-5505 is a Remote Code Execution vulnerability in NETGEAR ProSAFE Network Management System versions 1.7.0.34–1.7.0.34 x64, allowing authenticated attackers to execute arbitrary code.

Am I affected by CVE-2024-5505 in NETGEAR ProSAFE Network Management System?

If you are running NETGEAR ProSAFE Network Management System version 1.7.0.34–1.7.0.34 x64, you are potentially affected by this vulnerability.

How do I fix CVE-2024-5505 in NETGEAR ProSAFE Network Management System?

Upgrade to the patched version when available from NETGEAR. Until then, implement mitigation steps like restricting network access and monitoring file uploads.

Is CVE-2024-5505 being actively exploited?

While no public exploits are currently available, the vulnerability's ease of exploitation suggests a medium probability of exploitation. Monitor security advisories for updates.

Where can I find the official NETGEAR advisory for CVE-2024-5505?

Refer to the NETGEAR security advisory page for the latest information and updates regarding CVE-2024-5505.

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan freeSearch CVEs