Vulnerabilities > Nokia

DATE CVE VULNERABILITY TITLE RISK
2023-04-24 CVE-2023-26059 Cross-site Scripting vulnerability in Nokia Netact 20.1
An issue was discovered in Nokia NetAct before 22 SP1037.
network
low complexity
nokia CWE-79
5.4
2023-04-24 CVE-2023-26060 Code Injection vulnerability in Nokia Netact 18A
An issue was discovered in Nokia NetAct before 22 FP2211.
network
low complexity
nokia CWE-94
8.8
2023-04-24 CVE-2023-26061 Cross-site Scripting vulnerability in Nokia Netact 18A
An issue was discovered in Nokia NetAct before 22 FP2211.
network
low complexity
nokia CWE-79
5.4
2023-01-06 CVE-2022-2482 Unspecified vulnerability in Nokia products
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux.
local
low complexity
nokia
8.8
2023-01-06 CVE-2022-2483 Unspecified vulnerability in Nokia products
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature.
local
low complexity
nokia
7.1
2023-01-06 CVE-2022-2484 Unspecified vulnerability in Nokia Asik Airscale 474021A.101 Firmware
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware.
local
low complexity
nokia
7.8
2022-12-21 CVE-2022-36221 Path Traversal vulnerability in Nokia Fastmile Firmware 3Tg00118Abad52
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe file on the system.
network
low complexity
nokia CWE-22
6.5
2022-12-21 CVE-2022-36222 Use of Hard-coded Credentials vulnerability in Nokia Fastmile Firmware 3Tg00118Abad52
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.
local
low complexity
nokia CWE-798
8.4
2022-10-12 CVE-2022-28866 Missing Authorization vulnerability in Nokia Airframe BMC web GUI R18 Firmware
Multiple Improper Access Control was discovered in Nokia AirFrame BMC Web GUI < R18 Firmware v4.13.00.
network
low complexity
nokia CWE-862
8.8
2022-09-19 CVE-2022-40712 Cross-site Scripting vulnerability in Nokia 1350 Optical Management System 14.2
An issue was discovered in NOKIA 1350OMS R14.2.
network
low complexity
nokia CWE-79
6.1