VYPR

NIOS

by Infoblox

CVEs (10)

  • CVE-2024-37566CriFeb 27, 2025
    risk 0.64cvss 9.8epss 0.00

    Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.

  • CVE-2024-36047CriFeb 27, 2025
    risk 0.64cvss 9.8epss 0.00

    Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.

  • CVE-2024-36046CriFeb 27, 2025
    risk 0.64cvss 9.8epss 0.00

    Infoblox NIOS through 8.6.4 executes with more privileges than required.

  • CVE-2024-37567CriFeb 27, 2025
    risk 0.59cvss 9.1epss 0.00

    Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.

  • CVE-2023-37249HigAug 25, 2023
    risk 0.57cvss 8.8epss 0.01

    Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.

  • CVE-2018-10239MedJun 17, 2019
    risk 0.44cvss 6.7epss 0.00

    A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The…

  • CVE-2020-15303MedJun 28, 2021
    risk 0.42cvss 6.5epss 0.01

    Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.

  • CVE-2022-28975MedJan 9, 2024
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.

  • CVE-2025-61880Feb 12, 2026
    risk 0.00cvss epss 0.01

    In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.

  • CVE-2025-61879Feb 12, 2026
    risk 0.00cvss epss 0.00

    In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.