Vendor CVEs
Netis
All CVEs
65 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-45463 | 0.00 | — | 0.01 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2023-45467 | 0.00 | — | 0.02 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings. | |||
| CVE-2023-45468 | 0.00 | — | 0.01 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2023-45465 | 0.00 | — | 0.02 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings. | |||
| CVE-2023-45466 | 0.00 | — | 0.02 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings. | |||
| CVE-2023-45464 | 0.00 | — | 0.01 | Oct 13, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2023-43892 | 0.00 | — | 0.02 | Oct 2, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload. | |||
| CVE-2023-43893 | 0.00 | — | 0.02 | Oct 2, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload. | |||
| CVE-2023-43890 | 0.00 | — | 0.03 | Oct 2, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request. | |||
| CVE-2023-43891 | 0.00 | — | 0.02 | Oct 2, 2023 | Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload. | |||
| CVE-2023-43134 | 0.00 | — | 0.01 | Sep 20, 2023 | There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | |||
| CVE-2023-42336 | 0.00 | — | 0.01 | Sep 16, 2023 | An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component. | |||
| CVE-2018-25069 | 0.00 | — | 0.01 | Jan 7, 2023 | A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability. | |||
| CVE-2023-0114 | 0.00 | — | 0.00 | Jan 7, 2023 | A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or on disk. Local access is… | |||
| CVE-2023-0113 | 0.00 | — | 0.01 | Jan 7, 2023 | A vulnerability was found in Netis Netcore Router up to 2.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to information disclosure. The attack… |
- CVE-2023-45463Oct 13, 2023risk 0.00cvss —epss 0.01
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2023-45467Oct 13, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
- CVE-2023-45468Oct 13, 2023risk 0.00cvss —epss 0.01
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2023-45465Oct 13, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.
- CVE-2023-45466Oct 13, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings.
- CVE-2023-45464Oct 13, 2023risk 0.00cvss —epss 0.01
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2023-43892Oct 2, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload.
- CVE-2023-43893Oct 2, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload.
- CVE-2023-43890Oct 2, 2023risk 0.00cvss —epss 0.03
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request.
- CVE-2023-43891Oct 2, 2023risk 0.00cvss —epss 0.02
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload.
- CVE-2023-43134Sep 20, 2023risk 0.00cvss —epss 0.01
There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.
- CVE-2023-42336Sep 16, 2023risk 0.00cvss —epss 0.01
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component.
- CVE-2018-25069Jan 7, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability.
- CVE-2023-0114Jan 7, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or on disk. Local access is…
- CVE-2023-0113Jan 7, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in Netis Netcore Router up to 2.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to information disclosure. The attack…
Page 2 of 2