NETGEAR · NETGEAR GS108PE Prosafe Plus · CVE-2014-2969
**Name of the Vulnerable Software and Affected Versions**
NETGEAR GS108PE Prosafe Plus switches version 1.2.0.5
**Description**
The issue allows remote attackers to execute arbitrary code by exploiting a hardcoded password for the `ntgruser` account. Exploitation takes place via requests to specific endpoints, namely (1) `produce_burn.cgi`, (2) `register_debug.cgi`, or (3) `bootcode_update.cgi`, which allow an attacker to upload firmware or to read or modify memory contents.
**Recommendations**
For NETGEAR GS108PE Prosafe Plus switches running version 1.2.0.5, consider changing the hardcoded password for the `ntgruser` account to prevent unauthorized access. As a temporary workaround, restrict access to the vulnerable endpoints `produce_burn.cgi`, `register_debug.cgi`, and `bootcode_update.cgi` to minimize the risk of exploitation.
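
A log check to accompany the workaround above, as an added example that is not part of the original advisory: it flags requests for the three CGI scripts that come from outside a management subnet, including case and percent-encoded variants of the names. The subnet, the log format (common-log-style lines from a proxy or sensor in front of the switch) and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# CGI names listed in the advisory for CVE-2014-2969 (underscore spelling).
SENSITIVE_CGIS = {"produce_burn.cgi", "register_debug.cgi", "bootcode_update.cgi"}
# Assumption: only this subnet may administer the switch (constructed value).
MGMT_NET = ipaddress.ip_network("10.0.50.0/24")
# Assumption: common-log-style lines from a proxy or sensor in front of the switch.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')

def cgi_name(target):
    """Last path segment, lower-cased, with query string and percent-encoding removed."""
    path = unquote(urlsplit(target).path)
    return path.rstrip("/").rsplit("/", 1)[-1].lower()

def find_suspect_requests(lines, allowed=MGMT_NET):
    """Return (timestamp, source, method, cgi, status) for sensitive CGI hits from outside `allowed`."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # source logged as a hostname; resolve it separately
        name = cgi_name(m["target"])
        if name in SENSITIVE_CGIS and src not in allowed:
            hits.append((m["ts"], str(src), m["method"], name, int(m["status"])))
    return hits

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '10.0.50.7 - - [12/Mar/2024:09:14:02 +0000] "POST /bootcode_update.cgi HTTP/1.1" 200 512',
    '192.0.2.44 - - [12/Mar/2024:09:20:41 +0000] "POST /produce_burn.cgi HTTP/1.1" 200 128',
    '192.0.2.44 - - [12/Mar/2024:09:21:03 +0000] "GET /REGISTER%5Fdebug.cgi?a=1 HTTP/1.1" 401 0',
    '198.51.100.9 - - [12/Mar/2024:09:25:10 +0000] "GET /index.html HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print(hit)
```

Any hit, whatever its status code, shows that the endpoints are reachable from a network that the workaround is meant to exclude.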