VYPR

Netsupport Manager

by Netsupport

CVEs (6)

  • CVE-2025-34164CriAug 30, 2025
    risk 0.61cvss epss 0.01

    A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or execute arbitrary code.

  • CVE-2025-34181HigDec 15, 2025
    risk 0.57cvss epss 0.01

    NetSupport Manager < 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary…

  • CVE-2025-34179HigDec 15, 2025
    risk 0.57cvss epss 0.00

    NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL…

  • CVE-2011-0404Jan 11, 2011
    risk 0.08cvss epss 0.65

    Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows remote attackers to execute arbitrary code via a long control hostname to TCP port 5405, probably a different vulnerability than CVE-2007-5252.

  • CVE-2010-4184Nov 5, 2010
    risk 0.00cvss epss 0.03

    NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network.

  • CVE-2002-0482Aug 12, 2002
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.