Filtered by vendor Netis-systems
Subscribe
Total
49 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-20074 | 1 Netis-systems | 2 Dl4343, Dl4343 Firmware | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page. | |||||
CVE-2019-20073 | 1 Netis-systems | 2 Dl4343, Dl4343 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration). | |||||
CVE-2019-20072 | 1 Netis-systems | 2 Dl4343, Dl4343 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration). | |||||
CVE-2019-20071 | 1 Netis-systems | 2 Dl4343, Dl4343 Firmware | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs. | |||||
CVE-2019-20070 | 1 Netis-systems | 2 Dl4343, Dl4343 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration). | |||||
CVE-2018-6391 | 1 Netis-systems | 2 Wf2419, Wf2419 Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings. | |||||
CVE-2018-6190 | 1 Netis-systems | 2 Wf2419, Wf2419 Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page. | |||||
CVE-2018-5967 | 1 Netis-systems | 2 Wf2419, Wf2419 Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page. | |||||
CVE-2018-25069 | 1 Netis-systems | 2 Netcore Router, Netcore Router Firmware | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability. |