Vulnerabilities > NEC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-09 | CVE-2018-0630 | OS Command Injection vulnerability in NEC Aterm W300P Firmware Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter. | 9.0 |
2019-01-09 | CVE-2018-0629 | OS Command Injection vulnerability in NEC Aterm W300P Firmware Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. | 9.0 |
2019-01-09 | CVE-2018-0628 | OS Command Injection vulnerability in NEC Aterm Wg1200Hp Firmware Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. | 9.0 |
2019-01-09 | CVE-2018-0627 | OS Command Injection vulnerability in NEC Aterm Wg1200Hp Firmware Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter. | 9.0 |
2019-01-09 | CVE-2018-0626 | OS Command Injection vulnerability in NEC Aterm Wg1200Hp Firmware Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter. | 9.0 |
2019-01-09 | CVE-2018-0625 | OS Command Injection vulnerability in NEC Aterm Wg1200Hp Firmware Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter. | 9.0 |
2018-12-26 | CVE-2018-11742 | Insufficiently Protected Credentials vulnerability in NEC Univerge Sv9100 Webpro Firmware 6.00.00 NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. | 5.0 |
2018-12-26 | CVE-2018-11741 | Information Exposure vulnerability in NEC Univerge Sv9100 Webpro Firmware 6.00.00 NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs. | 5.0 |
2016-01-30 | CVE-2016-1145 | Path Traversal vulnerability in NEC Expresscluster X 3.3 Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors. | 7.8 |
2014-01-23 | CVE-2013-7314 | Unspecified vulnerability in NEC products The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. network nec | 6.8 |