Vulnerabilities > Nedi > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-06 CVE-2022-40895 Information Exposure Through Discrepancy vulnerability in Nedi 1.0.7
In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability.
network
low complexity
nedi CWE-203
critical
9.1
2020-06-29 CVE-2020-14414 OS Command Injection vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to Remote Command Execution.
network
low complexity
nedi CWE-78
critical
9.0
2020-06-29 CVE-2020-14412 OS Command Injection vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to Remote Command Execution.
network
low complexity
nedi CWE-78
critical
9.0