Vulnerabilities > Nokia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2022-39818 | OS Command Injection vulnerability in Nokia Network Functions Manager for Transport 19.9 In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. | 8.8 |
| 2023-12-25 | CVE-2022-39822 | SQL Injection vulnerability in Nokia Network Functions Manager for Transport 19.9 In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. | 8.8 |
| 2023-11-03 | CVE-2023-41352 | OS Command Injection vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. | 7.2 |
| 2023-11-03 | CVE-2023-41353 | Weak Password Requirements vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. | 8.8 |
| 2023-10-04 | CVE-2023-22618 | Unspecified vulnerability in Nokia products If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. | 7.8 |
| 2023-09-05 | CVE-2022-41763 | Code Injection vulnerability in Nokia Access Management System 9.7.05 An issue was discovered in NOKIA AMS 9.7.05. | 8.8 |
| 2023-08-29 | CVE-2023-41376 | Unspecified vulnerability in Nokia products Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes. | 7.5 |
| 2023-07-24 | CVE-2022-28863 | Unrestricted Upload of File with Dangerous Type vulnerability in Nokia Netact 22.0.0.62 An issue was discovered in Nokia NetAct 22. | 8.8 |
| 2023-07-24 | CVE-2022-28864 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Nokia Netact 22.0.0.62 An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. | 8.8 |
| 2023-07-24 | CVE-2022-30280 | Cross-Site Request Forgery (CSRF) vulnerability in Nokia Netact 22.0.0.62 /SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF. | 8.8 |