Vulnerabilities > Netis Systems > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-18 | CVE-2021-26747 | OS Command Injection vulnerability in Netis-Systems Wf2411 Firmware and Wf2780 Firmware Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. | 10.0 |
| 2020-02-12 | CVE-2020-8946 | OS Command Injection vulnerability in Netis-Systems Wf2471 Firmware 1.2.30142 Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter. | 9.0 |
| 2019-02-21 | CVE-2019-8985 | Missing Authentication for Critical Function vulnerability in Netis-Systems Wf2411 Firmware and Wf2880 Firmware On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. | 9.0 |