adhikara13/CVE

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-22729 ↗	Jan 25, 2024Thursday, 25 January 2024, 15:15	9.8 CRITICAL	—
NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.
CVE-2023-45464 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	7.5 HIGH	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-45468 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	7.5 HIGH	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-45467 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
CVE-2023-45466 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings.
CVE-2023-45465 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.
CVE-2023-45463 ↗	Oct 13, 2023Friday, 13 October 2023, 13:15	7.5 HIGH	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2023-44860 ↗	Oct 6, 2023Friday, 6 October 2023, 23:15	7.5 HIGH	—
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request.
CVE-2023-43893 ↗	Oct 2, 2023Monday, 2 October 2023, 22:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload.
CVE-2023-43892 ↗	Oct 2, 2023Monday, 2 October 2023, 22:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload.
CVE-2023-43891 ↗	Oct 2, 2023Monday, 2 October 2023, 22:15	9.8 CRITICAL	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload.
CVE-2023-43890 ↗	Oct 2, 2023Monday, 2 October 2023, 20:15	8.8 HIGH	—
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request.
CVE-2023-42336 ↗	Sep 16, 2023Saturday, 16 September 2023, 01:15	9.8 CRITICAL	—
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component.