NMS300

CVEs (6)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-1524	Netgear NMS300	Cri	0.71	9.6	0.66	Feb 13, 2016	Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via…
CVE-2020-35779	Netgear NMS300		0.00	—	0.00	Dec 29, 2020	NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35780	Netgear NMS300		0.00	—	0.00	Dec 29, 2020	NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35781	Netgear NMS300		0.00	—	0.00	Dec 29, 2020	NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35789	Netgear NMS300		0.00	—	0.01	Dec 29, 2020	NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.
CVE-2020-35797	Netgear NMS300		0.00	—	0.03	Dec 29, 2020	NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated attacker.

CVE-2016-1524CriFeb 13, 2016
Netgear
NMS300
risk 0.71cvss 9.6epss 0.66
Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via…
CVE-2020-35779Dec 29, 2020
Netgear
NMS300
risk 0.00cvss —epss 0.00
NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35780Dec 29, 2020
Netgear
NMS300
risk 0.00cvss —epss 0.00
NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35781Dec 29, 2020
Netgear
NMS300
risk 0.00cvss —epss 0.00
NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service.
CVE-2020-35789Dec 29, 2020
Netgear
NMS300
risk 0.00cvss —epss 0.01
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.
CVE-2020-35797Dec 29, 2020
Netgear
NMS300
risk 0.00cvss —epss 0.03
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated attacker.