Netop
Products
4- 5 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
10| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-27193 | Cri | 0.64 | 9.8 | 0.01 | Mar 25, 2021 | Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system privileges resulting in a privilege escalation. | ||
| CVE-2011-10012 | Hig | 0.58 | — | 0.00 | Aug 13, 2025 | NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an… | ||
| CVE-2021-27194 | Hig | 0.57 | 8.8 | 0.00 | Mar 25, 2021 | Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passwords. | ||
| CVE-2021-27192 | Hig | 0.51 | 7.8 | 0.00 | Mar 25, 2021 | Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients. | ||
| CVE-2021-36134 | Hig | 0.48 | 7.4 | 0.01 | Sep 27, 2021 | Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS). | ||
| CVE-2021-27195 | Med | 0.38 | 5.9 | 0.01 | Mar 25, 2021 | Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic. | ||
| CVE-2017-5216 | Med | 0.36 | 5.5 | 0.01 | Jan 9, 2017 | Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially designed malicious file containing special characters is loaded, the overflow occurs.… | ||
| CVE-2000-0100 | 0.03 | — | 0.03 | Dec 29, 1999 | The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program. | |||
| CVE-2004-0950 | 0.00 | — | 0.02 | Feb 9, 2005 | NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request. | |||
| CVE-2001-1094 | 0.00 | — | 0.00 | Sep 11, 2001 | NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version. |
- risk 0.64cvss 9.8epss 0.01
Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system privileges resulting in a privilege escalation.
- risk 0.58cvss —epss 0.00
NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an…
- risk 0.57cvss 8.8epss 0.00
Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passwords.
- risk 0.51cvss 7.8epss 0.00
Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients.
- risk 0.48cvss 7.4epss 0.01
Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS).
- risk 0.38cvss 5.9epss 0.01
Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic.
- risk 0.36cvss 5.5epss 0.01
Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially designed malicious file containing special characters is loaded, the overflow occurs.…
- CVE-2000-0100Dec 29, 1999risk 0.03cvss —epss 0.03
The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
- CVE-2004-0950Feb 9, 2005risk 0.00cvss —epss 0.02
NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request.
- CVE-2001-1094Sep 11, 2001risk 0.00cvss —epss 0.00
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version.