Vulnerabilities > NEC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-03-19 | CVE-2013-0717 | Cross-Site Request Forgery (CSRF) vulnerability in NEC products Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device. | 6.8 |
2013-02-22 | CVE-2013-0706 | Permissions, Privileges, and Access Controls vulnerability in NEC Universal Raid Utility 1.40/2.31/2.5 NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and earlier, and 2.5 Rev 2244 and earlier does not provide access control, which allows remote attackers to perform arbitrary RAID disk operations via unspecified vectors. | 9.0 |
2011-05-09 | CVE-2011-1323 | Improper Input Validation vulnerability in Yamaha products Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X series routers with firmware 6.x through 10.x, do not properly handle IP header options, which allows remote attackers to cause a denial of service (device reboot) via a crafted option that triggers access to an invalid memory location. | 7.8 |
2010-05-19 | CVE-2010-1943 | Remote Denial of Service vulnerability in NEC Capsuite Patchmeister 2.0 Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister 2.0 Update2 and earlier allows remote attackers to cause a denial of service (OS shutdown or restart) via vectors related to Client Service for PTM and crafted packets to port 56015. | 7.8 |
2010-05-19 | CVE-2010-1941 | Denial of Service vulnerability in WebSAM DeploymentManager Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and earlier, as used in SigmaSystemCenter 2.1 Update2 and earlier, BladeSystemCenter, ExpressSystemCenter, and VirtualPCCenter 2.2 and earlier, allows remote attackers to cause a denial of service (OS shutdown or restart) via unknown vectors related to Client Service for DPM and crafted packets to port 56010. | 7.8 |
2008-01-22 | CVE-2008-0378 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in NEC Sockscap Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hostname. | 6.8 |
2007-10-18 | CVE-2007-5557 | Improper Input Validation vulnerability in NEC Mobile Handset Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of service (reboot) via crafted packets. | 7.8 |
2007-01-23 | CVE-2006-6947 | Remote Security vulnerability in Multiwriter 1700C The FTP server in the NEC MultiWriter 1700C allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017. | 7.8 |
2007-01-23 | CVE-2006-6946 | Remote Security vulnerability in Multiwriter 1700C The web server in the NEC MultiWriter 1700C allows remote attackers to modify the device configuration via unspecified vectors. | 7.5 |
2005-12-22 | CVE-2005-4465 | Denial Of Service vulnerability in NEC UNIVERGE IX1000/IX2000/IX3000 IKE Exchange The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | 7.5 |