Scan free
CRITICALCVE-2023-38096CVSS 9.8

CVE-2023-38096: Authentication Bypass in NETGEAR ProSAFE

Platform

netgear

Component

netgear-prosafe-network-management-system

Fixed in

1.7.1

AI Confidence: highNVDEPSS 74.9%Reviewed: May 2026
View on NVD
Save

CVE-2023-38096 is a critical authentication bypass vulnerability affecting NETGEAR ProSAFE Network Management System version 1.7.0.12. This flaw allows remote attackers to bypass authentication controls, potentially leading to unauthorized access and control of the system. Successful exploitation requires no credentials, significantly increasing the risk. A fix is available from NETGEAR.

Impact and Attack Scenarios

The impact of CVE-2023-38096 is severe. An attacker can exploit this vulnerability to gain complete, unauthorized access to the NETGEAR ProSAFE Network Management System without needing valid credentials. This could allow them to modify network configurations, steal sensitive data stored on the system, or launch further attacks against other devices on the network. The lack of authentication requirement makes this vulnerability particularly dangerous, as it bypasses a fundamental security control. This is similar to other authentication bypass vulnerabilities where attackers can directly access backend systems.

Exploitation Context

CVE-2023-38096 was disclosed on May 3, 2024. The vulnerability was reported to NETGEAR as ZDI-CAN-19718. The CVSS score of 9.8 (CRITICAL) indicates a high probability of exploitation. Public proof-of-concept (POC) code is currently unavailable, but the ease of exploitation (no credentials required) suggests that it is likely to emerge. It is not currently listed on the CISA KEV catalog.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown
CISA KEVNO
Internet ExposureHigh

EPSS

74.93% (99% percentile)

CISA SSVC

Exploitationnone
Automatableyes
Technical Impacttotal

CVSS Vector

THREAT INTELLIGENCE· CVSS 3.1CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H9.8CRITICALAttack VectorNetworkHow the attacker reaches the targetAttack ComplexityLowConditions required to exploitPrivileges RequiredNoneAuthentication level needed to attackUser InteractionNoneWhether a victim must take actionScopeUnchangedImpact beyond the vulnerable componentConfidentialityHighRisk of sensitive data exposureIntegrityHighRisk of unauthorized data modificationAvailabilityHighRisk of service disruptionnextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Affected Software

Componentnetgear-prosafe-network-management-system
VendorNETGEAR
Affected rangeFixed in
1.7.0.12 (Win64) – 1.7.0.12 (Win64)1.7.1

Weakness Classification (CWE)

CWE-287

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
Unpatched — 751 days since disclosure

Mitigation and Workarounds

The primary mitigation for CVE-2023-38096 is to upgrade to a patched version of the NETGEAR ProSAFE Network Management System as soon as it becomes available from NETGEAR. Until the upgrade is possible, consider implementing temporary workarounds such as restricting network access to the management interface using firewalls or access control lists (ACLs). Monitor network traffic for suspicious activity targeting the management interface. While a WAF might offer some protection, it is not a substitute for patching the underlying vulnerability. After upgrading, confirm the fix by attempting to access the management interface without providing valid credentials; access should be denied.

How to fix

Update to a version of the NETGEAR ProSAFE Network Management System that corrects the authentication bypass vulnerability. Refer to the NETGEAR security advisory (PSV-2023-0024-PSV-2023-0025) for the corrected version and upgrade instructions.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2023-38096 — Authentication Bypass in NETGEAR ProSAFE?

CVE-2023-38096 is a critical vulnerability in NETGEAR ProSAFE Network Management System allowing attackers to bypass authentication without credentials, potentially gaining unauthorized access.

Am I affected by CVE-2023-38096 in NETGEAR ProSAFE?

If you are using NETGEAR ProSAFE Network Management System version 1.7.0.12, you are affected by this vulnerability and should prioritize patching.

How do I fix CVE-2023-38096 in NETGEAR ProSAFE?

Upgrade to a patched version of NETGEAR ProSAFE Network Management System as soon as it becomes available from NETGEAR. Until then, implement temporary workarounds like restricting network access.

Is CVE-2023-38096 being actively exploited?

While no active exploitation has been publicly confirmed, the ease of exploitation suggests a high likelihood of exploitation in the near future.

Where can I find the official NETGEAR advisory for CVE-2023-38096?

Please refer to the official NETGEAR security advisory for CVE-2023-38096 on the NETGEAR support website.

Is your project affected?

Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.

Scan freeSearch CVEs