Critical severity9.8NVD Advisory· Published Sep 19, 2017· Updated May 13, 2026
CVE-2014-9618
CVE-2014-9618
Description
The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.
Affected products
12cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*range: <=3.1.9
- cpe:2.3:a:netsweeper:netsweeper:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:netsweeper:netsweeper:4.1.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.htmlnvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/37933/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.