VYPR
Vendor

Nordex

Products
4
CVEs
3
Across products
5
Status
Private

Products

4

Recent CVEs

3
  • CVE-2018-25333HigMay 17, 2026
    risk 0.53cvss 8.2epss 0.00

    Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with…

  • CVE-2015-6477MedOct 18, 2015
    risk 0.41cvss 6.1epss 0.12

    Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2014-5408Nov 5, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.