Vulnerabilities > Netis Systems > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-13 | CVE-2023-45463 | Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. | 7.5 |
| 2023-10-13 | CVE-2023-45464 | Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. | 7.5 |
| 2023-10-13 | CVE-2023-45468 | Classic Buffer Overflow vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. | 7.5 |
| 2023-10-06 | CVE-2023-44860 | Incorrect Authorization vulnerability in Netis-Systems N3M Firmware 1.0.1.865 An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request. | 7.5 |
| 2023-10-02 | CVE-2023-43890 | OS Command Injection vulnerability in Netis-Systems N3M Firmware 1.0.1.865 Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. | 8.8 |
| 2023-09-11 | CVE-2023-38829 | Command Injection vulnerability in Netis-Systems Wf2409E Firmware 3.6.42541 An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. | 8.8 |
| 2023-01-07 | CVE-2023-0113 | Unspecified vulnerability in Netis-Systems Netcore Router Firmware A vulnerability was found in Netis Netcore Router up to 2.2.6. | 7.5 |
| 2020-02-12 | CVE-2020-8946 | OS Command Injection vulnerability in Netis-Systems Wf2471 Firmware 1.2.30142 Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter. | 8.8 |
| 2020-02-07 | CVE-2019-19356 | OS Command Injection vulnerability in Netis-Systems Wf2419 Firmware 1.2.31805/2.2.36123 Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. | 7.5 |
| 2019-12-30 | CVE-2019-20074 | Improper Privilege Management vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page. | 8.8 |