Medium severity5.3NVD Advisory· Published Sep 19, 2017· Updated May 13, 2026
CVE-2014-9610
CVE-2014-9610
Description
Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantine_disable.php.
Affected products
12cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*range: <=3.1.9
- cpe:2.3:a:netsweeper:netsweeper:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.1.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.htmlnvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/37929/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.