Vulnerabilities > Nokia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2021-26596 | Cross-site Scripting vulnerability in Nokia Netact 18A An issue was discovered in Nokia NetAct 18A. | 5.4 |
| 2020-01-31 | CVE-2014-3809 | Cross-site Scripting vulnerability in Nokia products Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. | 6.1 |
| 2019-11-25 | CVE-2019-17406 | Path Traversal vulnerability in Nokia Impact Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743 | 5.3 |
| 2019-11-25 | CVE-2019-17405 | Cross-site Scripting vulnerability in Nokia Impact Nokia IMPACT < 18A: has Reflected self XSS | 6.1 |
| 2019-11-25 | CVE-2019-17404 | Path Traversal vulnerability in Nokia Impact Nokia IMPACT < 18A: allows full path disclosure | 4.3 |
| 2019-11-25 | CVE-2019-17403 | Unrestricted Upload of File with Dangerous Type vulnerability in Nokia Impact Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. | 8.8 |
| 2019-03-21 | CVE-2019-7386 | A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. | 6.5 |
| 2019-03-05 | CVE-2019-3922 | Out-of-bounds Write vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. | 9.8 |
| 2019-03-05 | CVE-2019-3921 | Out-of-bounds Write vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. | 8.8 |
| 2019-03-05 | CVE-2019-3920 | Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/. | 8.8 |