Nokia

All CVEs

149 total · sorted by risk
  • CVE-2025-34037 · Cri · Jun 24, 2025
    risk 0.75 · cvss · epss 0.85

    An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization,…

  • CVE-2025-9962 · Cri · Sep 23, 2025
    risk 0.65 · cvss · epss 0.01

    A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without prior authentication. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2025-9963 · Cri · Sep 23, 2025
    risk 0.61 · cvss · epss 0.00

    A path traversal vulnerability in Novakon P series allows an attacker to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromised. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build …

  • CVE-2025-9965 · Cri · Sep 23, 2025
    risk 0.60 · cvss · epss 0.01

    Improper authentication vulnerability in Novakon P series allows unauthenticated attackers to upload and download any application from/to the device. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2023-49564 · Hig · Sep 18, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without…

  • CVE-2025-9964 · Hig · Sep 23, 2025
    risk 0.56 · cvss · epss 0.00

    No password for the root user is set in Novakon P series. This allows physical attackers to enter the console easily. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2023-49565 · Hig · Sep 18, 2025
    risk 0.55 · cvss 8.4 · epss 0.01

    The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection. These headers are directly utilized within the subprocess.Popen…

  • CVE-2025-24818 · Hig · Apr 7, 2026
    risk 0.52 · cvss 8.0 · epss 0.01

    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.

  • CVE-2025-24817 · Hig · Apr 7, 2026
    risk 0.52 · cvss 8.0 · epss 0.01

    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.

  • CVE-2025-9974 · Hig · Feb 2, 2026
    risk 0.52 · cvss 8.0 · epss 0.00

    The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able…

  • CVE-2025-9966 · Hig · Sep 23, 2025
    risk 0.47 · cvss · epss 0.00

    Improper privilege management vulnerability in Novakon P series allows attackers to gain root privileges if one service is compromised. This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9).

  • CVE-2023-6729 · Hig · Oct 17, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users configured with "access console." Consequently, a low privilege authenticated user with "access console" can read or replace the router configuration file as well as other files…

  • CVE-2023-38293 · Hig · Apr 22, 2024
    risk 0.47 · cvss 7.3 · epss 0.01

    Certain software builds for the Nokia C200 and Nokia C100 Android devices contain a vulnerable, pre-installed app with a package name of com.tracfone.tfstatus (versionCode='31', versionName='12') that allows local third-party apps to execute arbitrary AT commands in its context…

  • CVE-2025-24332 · Hig · Jul 2, 2025
    risk 0.46 · cvss 7.1 · epss 0.00

    Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the…

  • CVE-2022-45899 · Med · May 8, 2026
    risk 0.42 · cvss 6.5 · epss 0.01

    Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field.

  • CVE-2025-0980 · Med · Jan 7, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials.

  • CVE-2025-62759 · Med · Dec 31, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series series allows Stored XSS. This issue affects Series: from n/a through <= 2.0.1.

  • CVE-2025-24333 · Med · Jul 2, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains an administrative shell input validation fault, which an authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via…

  • CVE-2025-24331 · Med · Jul 2, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive…

  • CVE-2025-24330 · Med · Jul 2, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause a path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0…

  • CVE-2025-24329 · Med · Jul 2, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause a path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0…

  • CVE-2019-7386 · Med · Mar 21, 2019
    risk 0.42 · cvss 6.5 · epss 0.04

    A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the…

  • CVE-2025-9912 · Med · Jun 16, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privilege.

  • CVE-2025-10262 · Med · Jun 16, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Nokia SR Linux is vulnerable to a local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges.

  • CVE-2025-24819 · Med · Apr 7, 2026
    risk 0.37 · cvss 5.7 · epss 0.00

    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.

  • CVE-2023-38299 · Med · Apr 22, 2024
    risk 0.36 · cvss 5.5 · epss 0.00

    Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from…

  • CVE-2025-24328 · Med · Jul 2, 2025
    risk 0.27 · cvss 4.2 · epss 0.00

    Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue…

  • CVE-2025-24334 · Low · Jul 2, 2025
    risk 0.21 · cvss 3.3 · epss 0.00

    The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator (MNO) internal RAN management network.

  • CVE-2023-6728 · Low · Oct 17, 2024
    risk 0.21 · cvss 3.3 · epss 0.00

    Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content.

  • CVE-2023-25189 · Low · Sep 25, 2024
    risk 0.21 · cvss 3.3 · epss 0.00

    BTS is affected by an information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of their access privileges, are able to read BTS service operation details performed by Nokia Care service personnel via…

  • CVE-2025-24335 · Low · Jul 2, 2025
    risk 0.13 · cvss 2.0 · epss 0.00

    Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for…

  • CVE-2025-7432 · Low · Feb 9, 2026
    risk 0.07 · cvss · epss 0.00

    DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. This may allow an attacker to eventually extract secret keys through a DPA attack.

  • CVE-2009-0649 · Feb 20, 2009
    risk 0.04 · cvss · epss 0.08

    The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method.

  • CVE-2005-2277 · Jul 15, 2005
    risk 0.04 · cvss · epss 0.13

    Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.

  • CVE-2005-2250 · Jul 13, 2005
    risk 0.04 · cvss · epss 0.10

    Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.

  • CVE-2023-25187 · Jun 16, 2023
    risk 0.03 · cvss · epss 0.01

    An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS…

  • CVE-2012-2442 · Jul 25, 2012
    risk 0.03 · cvss · epss 0.03

    Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and earlier allows remote attackers to cause a denial of service via a crafted mp4 file.

  • CVE-2011-0498 · Jan 20, 2011
    risk 0.03 · cvss · epss 0.06

    Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.

  • CVE-2009-0734 · Feb 25, 2009
    risk 0.03 · cvss · epss 0.05

    Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.

  • CVE-2008-4135 · Sep 19, 2008
    risk 0.03 · cvss · epss 0.04

    Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames.

  • CVE-2006-4464 · Aug 31, 2006
    risk 0.03 · cvss · epss 0.03

    The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string.

  • CVE-2006-0797 · Feb 19, 2006
    risk 0.03 · cvss · epss 0.04

    Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet,…

  • CVE-2005-1294 · Apr 24, 2005
    risk 0.03 · cvss · epss 0.01

    The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index.

  • CVE-2005-0681 · Mar 6, 2005
    risk 0.03 · cvss · epss 0.03

    Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.

  • CVE-2003-0802 · Oct 6, 2003
    risk 0.03 · cvss · epss 0.06

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).

  • CVE-2003-0801 · Oct 6, 2003
    risk 0.03 · cvss · epss 0.03

    Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.

  • CVE-2003-0803 · Oct 6, 2003
    risk 0.03 · cvss · epss 0.05

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.

  • CVE-2022-39815 · Sep 13, 2022
    risk 0.01 · cvss · epss 0.02

    In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur. These vulnerabilities allow unauthenticated users to execute commands on the operating system.

  • CVE-2021-31932 · Feb 11, 2022
    risk 0.01 · cvss · epss 0.22

    Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . (dot) character.

  • CVE-2019-14708 · Aug 6, 2019
    risk 0.01 · cvss · epss 0.04

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account.

Page 1 of 3