VYPR
Vendor

Netsupport

Products
6
CVEs
13
Across products
15
Status
Private

Products

6

Recent CVEs

13
  • CVE-2025-34164CriAug 30, 2025
    risk 0.61cvss epss 0.01

    A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or execute arbitrary code.

  • CVE-2025-34181HigDec 15, 2025
    risk 0.57cvss epss 0.01

    NetSupport Manager < 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary…

  • CVE-2025-34179HigDec 15, 2025
    risk 0.57cvss epss 0.00

    NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL…

  • CVE-2011-0404Jan 11, 2011
    risk 0.08cvss epss 0.65

    Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows remote attackers to execute arbitrary code via a long control hostname to TCP port 5405, probably a different vulnerability than CVE-2007-5252.

  • CVE-2004-2737Dec 31, 2004
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk 1.01 allows remote attackers to execute arbitrary SQL commands via the where parameter.

  • CVE-2004-1861Mar 25, 2004
    risk 0.03cvss epss 0.01

    Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain passwords.

  • CVE-2022-22795Mar 9, 2022
    risk 0.00cvss epss 0.01

    Signiant - Manager+Agents XML External Entity (XXE) - Extract internal files of the affected machine An attacker can read all the system files, the product is running with root on Linux systems and nt/authority on windows systems, which allows him to access and extract any file…

  • CVE-2021-46660Jan 29, 2022
    risk 0.00cvss epss 0.01

    Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks.

  • CVE-2019-8996Feb 21, 2019
    risk 0.00cvss epss 0.02

    In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.

  • CVE-2010-4184Nov 5, 2010
    risk 0.00cvss epss 0.03

    NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network.

  • CVE-2007-5252Oct 6, 2007
    risk 0.00cvss epss 0.04

    Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection…

  • CVE-2007-5057Sep 24, 2007
    risk 0.00cvss epss 0.05

    NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) authentication schemes by spoofing the NetSupport Manager.

  • CVE-2002-0482Aug 12, 2002
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.