eNMS
by eNMS
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46649 | Hig | 0.49 | 7.5 | 0.01 | Sep 20, 2024 | eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder. | ||
| CVE-2024-46648 | Hig | 0.49 | 7.5 | 0.01 | Sep 20, 2024 | eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder. | ||
| CVE-2024-46645 | Hig | 0.49 | 7.5 | 0.01 | Sep 20, 2024 | eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files. | ||
| CVE-2024-46647 | Med | 0.42 | 6.5 | 0.01 | Sep 20, 2024 | eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files. | ||
| CVE-2024-46646 | Med | 0.42 | 6.5 | 0.01 | Sep 20, 2024 | eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file. | ||
| CVE-2024-46644 | Med | 0.42 | 6.5 | 0.01 | Sep 20, 2024 | eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file. | ||
| CVE-2024-11664 | Hig | 0.00 | 8.8 | 0.02 | Nov 25, 2024 | A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselect_filtering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be… |
- risk 0.49cvss 7.5epss 0.01
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.
- risk 0.49cvss 7.5epss 0.01
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.
- risk 0.49cvss 7.5epss 0.01
eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.
- risk 0.42cvss 6.5epss 0.01
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.
- risk 0.42cvss 6.5epss 0.01
eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.
- risk 0.42cvss 6.5epss 0.01
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.
- risk 0.00cvss 8.8epss 0.02
A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselect_filtering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. The attack may be…