Vulnerabilities > Nokia

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-41354 Unspecified vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.
network
low complexity
nokia
5.3
2023-11-03 CVE-2023-41355 Unspecified vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages.
network
low complexity
nokia
critical
9.8
2023-11-03 CVE-2023-41350 Improper Restriction of Excessive Authentication Attempts vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authentication attempts.
network
low complexity
nokia CWE-307
critical
9.8
2023-10-04 CVE-2023-22618 Unspecified vulnerability in Nokia products
If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request.
local
low complexity
nokia
7.8
2023-09-05 CVE-2022-41763 Code Injection vulnerability in Nokia Access Management System 9.7.05
An issue was discovered in NOKIA AMS 9.7.05.
network
low complexity
nokia CWE-94
8.8
2023-08-29 CVE-2023-41376 Unspecified vulnerability in Nokia products
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes.
network
low complexity
nokia
7.5
2023-07-24 CVE-2022-28863 Unrestricted Upload of File with Dangerous Type vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22.
network
low complexity
nokia CWE-434
8.8
2023-07-24 CVE-2022-28864 Improper Neutralization of Formula Elements in a CSV File vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section.
network
low complexity
nokia CWE-1236
8.8
2023-07-24 CVE-2022-28865 Cross-site Scripting vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section.
network
low complexity
nokia CWE-79
5.4
2023-07-24 CVE-2022-28867 Cross-site Scripting vulnerability in Nokia Netact 22.0.0.62
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section.
network
low complexity
nokia CWE-79
5.4