VYPR
Vendor

Portwise

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2010-20109HigAug 21, 2025
    risk 0.64cvss epss 0.01

    Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to…

  • CVE-2025-34047HigJun 26, 2025
    risk 0.57cvss epss 0.00

    A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing unauthenticated attackers to read arbitrary files on the underlying system via the ostype parameter in the /vpn/user/download/client endpoint. This flaw arises from insufficient…

  • CVE-2022-50800HigDec 30, 2025
    risk 0.49cvss 7.5epss 0.00

    H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the login_submit.cgi endpoint and analyze response messages to distinguish between…

  • CVE-2010-0703Feb 23, 2010
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter.

  • CVE-2022-35416Jul 11, 2022
    risk 0.01cvss epss 0.03

    H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.