Vulnerabilities > Netis Systems
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-02 | CVE-2023-43893 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. | 9.8 |
| 2023-10-02 | CVE-2023-43890 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. | 8.8 |
| 2023-09-20 | CVE-2023-43134 | Missing Authorization vulnerability in Netis-Systems 360R Firmware 1.3.4517 There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | 9.8 |
| 2023-09-16 | CVE-2023-42336 | Use of Hard-coded Credentials vulnerability in Netis-Systems Wf2409E Firmware 1.0.1.705 An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component. | 9.8 |
| 2023-09-11 | CVE-2023-38829 | Command Injection vulnerability in Netis-Systems Wf2409E Firmware 3.6.42541 An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. | 8.8 |
| 2023-01-07 | CVE-2018-25069 | Use of Hard-coded Password vulnerability in Netis-Systems Netcore Router Firmware A vulnerability classified as critical has been found in Netis Netcore Router. | 9.8 |
| 2023-01-07 | CVE-2023-0113 | Information Exposure vulnerability in Netis-Systems Netcore Router Firmware A vulnerability was found in Netis Netcore Router up to 2.2.6. | 7.5 |
| 2023-01-07 | CVE-2023-0114 | Cleartext Storage in a File or on Disk vulnerability in Netis-Systems Netcore Router Firmware A vulnerability was found in Netis Netcore Router. | 5.5 |
| 2021-02-18 | CVE-2021-26747 | OS Command Injection vulnerability in Netis-Systems Wf2411 Firmware and Wf2780 Firmware Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. | 10.0 |
| 2020-02-12 | CVE-2020-8946 | OS Command Injection vulnerability in Netis-Systems Wf2471 Firmware 1.2.30142 Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter. | 9.0 |