DCN
Products
4- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-26802 | Cri | 0.68 | 9.8 | 0.49 | Mar 26, 2023 | An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request. | ||
| CVE-2024-51115 | Cri | 0.64 | 9.8 | 0.02 | Nov 5, 2024 | DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability. | ||
| CVE-2021-42324 | Hig | 0.48 | 7.4 | 0.01 | Apr 5, 2022 | An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands… | ||
| CVE-2025-9387 | Med | 0.42 | 6.3 | 0.09 | Aug 24, 2025 | A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is… | ||
| CVE-2026-2000 | Med | 0.31 | 4.7 | 0.17 | Feb 6, 2026 | A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function apply_config of the file /function/system/basic/bridge_cfg.php of the component Web Management Backend. Performing a manipulation of the argument ip_list results in command injection. The attack… |
- risk 0.68cvss 9.8epss 0.49
An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request.
- risk 0.64cvss 9.8epss 0.02
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
- risk 0.48cvss 7.4epss 0.01
An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands…
- risk 0.42cvss 6.3epss 0.09
A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is…
- risk 0.31cvss 4.7epss 0.17
A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function apply_config of the file /function/system/basic/bridge_cfg.php of the component Web Management Backend. Performing a manipulation of the argument ip_list results in command injection. The attack…