VYPR
Vendor

NetVision Information

Products
2
CVEs
9
Across products
9
Status
Private

Products

2

Recent CVEs

9
  • CVE-2025-4559CriMay 12, 2025
    risk 0.64cvss 9.8epss 0.00

    The ISOinsight from Netvision has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

  • CVE-2025-0456CriJan 16, 2025
    risk 0.64cvss 9.8epss 0.01

    The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords.

  • CVE-2025-0455CriJan 16, 2025
    risk 0.64cvss 9.8epss 0.01

    The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

  • CVE-2025-0457HigJan 16, 2025
    risk 0.57cvss 8.8epss 0.01

    The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.

  • CVE-2023-48383HigJan 15, 2024
    risk 0.49cvss 7.5epss 0.01

    NetVision Information airPASS has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.

  • CVE-2025-4560MedMay 12, 2025
    risk 0.42cvss 6.5epss 0.00

    The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access certain system functions. These functions include viewing the administrator list, viewing and editing IP settings, and uploading files.

  • CVE-2025-15355MedDec 30, 2025
    risk 0.40cvss 6.1epss 0.00

    ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

  • CVE-2025-1145MedFeb 11, 2025
    risk 0.40cvss 6.1epss 0.00

    NetVision Information ISOinsight has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques.

  • CVE-2024-3776MedApr 15, 2024
    risk 0.40cvss 6.1epss 0.00

    The parameter used in the login page of Netvision airPASS is not properly filtered for user input. An unauthenticated remote attacker can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.