Vulnerabilities > Netis Systems > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-07 | CVE-2023-0114 | Unspecified vulnerability in Netis-Systems Netcore Router Firmware A vulnerability was found in Netis Netcore Router. | 5.5 |
| 2019-12-30 | CVE-2019-20076 | Cross-site Scripting vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration). | 6.1 |
| 2019-12-30 | CVE-2019-20075 | Cross-site Scripting vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 Diagnostic). | 6.1 |
| 2019-12-30 | CVE-2019-20073 | Cross-site Scripting vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration). | 6.1 |
| 2019-12-30 | CVE-2019-20072 | Cross-site Scripting vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration). | 6.1 |
| 2019-12-30 | CVE-2019-20071 | Cross-Site Request Forgery (CSRF) vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs. | 6.5 |
| 2019-12-30 | CVE-2019-20070 | Cross-site Scripting vulnerability in Netis-Systems Dl4343 Firmware On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration). | 6.1 |
| 2018-01-25 | CVE-2018-5967 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123 Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page. | 5.4 |
| 2018-01-24 | CVE-2018-6190 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 3.2.41381 Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page. | 5.4 |