Vulnerabilities > Netis Systems > N3M Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-10-13 CVE-2023-45463 Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function.
network
low complexity
netis-systems CWE-120
7.5
2023-10-13 CVE-2023-45464 Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter.
network
low complexity
netis-systems CWE-120
7.5
2023-10-13 CVE-2023-45465 Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.
network
low complexity
netis-systems CWE-77
critical
9.8
2023-10-13 CVE-2023-45467 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
network
low complexity
netis-systems CWE-78
critical
9.8
2023-10-13 CVE-2023-45468 Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp.
network
low complexity
netis-systems CWE-120
7.5
2023-10-06 CVE-2023-44860 Incorrect Authorization vulnerability in Netis-Systems N3M Firmware 1.0.1.865
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request.
network
low complexity
netis-systems CWE-863
7.5
2023-10-02 CVE-2023-43891 Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function.
network
low complexity
netis-systems CWE-77
critical
9.8
2023-10-02 CVE-2023-43892 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings.
network
low complexity
netis-systems CWE-78
critical
9.8
2023-10-02 CVE-2023-43893 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function.
network
low complexity
netis-systems CWE-78
critical
9.8
2023-10-02 CVE-2023-43890 OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page.
network
low complexity
netis-systems CWE-78
8.8