Vulnerabilities > Netis Systems > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-25 | CVE-2024-22729 | Command Injection vulnerability in Netis-Systems Mw5360 Firmware 1.0.1.3031 NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page. | 9.8 |
| 2023-10-13 | CVE-2023-45465 | Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings. | 9.8 |
| 2023-10-13 | CVE-2023-45466 | Command Injection vulnerability in Netis-Systems N3Mv2 Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings. | 9.8 |
| 2023-10-13 | CVE-2023-45467 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings. | 9.8 |
| 2023-10-02 | CVE-2023-43891 | Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. | 9.8 |
| 2023-10-02 | CVE-2023-43892 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. | 9.8 |
| 2023-10-02 | CVE-2023-43893 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. | 9.8 |
| 2023-09-20 | CVE-2023-43134 | Missing Authorization vulnerability in Netis-Systems 360R Firmware 1.3.4517 There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | 9.8 |
| 2023-09-16 | CVE-2023-42336 | Use of Hard-coded Credentials vulnerability in Netis-Systems Wf2409E Firmware 1.0.1.705 An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component. | 9.8 |
| 2023-01-07 | CVE-2018-25069 | Use of Hard-coded Password vulnerability in Netis-Systems Netcore Router Firmware A vulnerability classified as critical has been found in Netis Netcore Router. | 9.8 |