iBSG
by N.V.K.INTER CO., LTD. (NVK)
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-39809 | Cri | 0.64 | 9.8 | 0.01 | Aug 21, 2023 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain an OS command injection vulnerability via shell metacharacters in the system_hostname parameter at /manage/network-basic.php. | ||
| CVE-2023-39808 | Cri | 0.64 | 9.8 | 0.01 | Aug 21, 2023 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the… | ||
| CVE-2023-39807 | Cri | 0.64 | 9.8 | 0.01 | Aug 21, 2023 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php. |
- risk 0.64cvss 9.8epss 0.01
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain an OS command injection vulnerability via shell metacharacters in the system_hostname parameter at /manage/network-basic.php.
- risk 0.64cvss 9.8epss 0.01
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the…
- risk 0.64cvss 9.8epss 0.01
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php.