Vulnerabilities > Nokia > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-30903 Cross-site Scripting vulnerability in Nokia G-2425G-A Firmware 3Fe49362Ijhk42
Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJHK42" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management.
network
low complexity
nokia CWE-79
4.8
4.8
2022-05-25 CVE-2021-35487 SQL Injection vulnerability in Nokia Broadcast Message Center
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter.
network
low complexity
nokia CWE-89
6.5
6.5
2021-09-20 CVE-2021-32289 NULL Pointer Dereference vulnerability in Nokia Heif
An issue was discovered in heif through through v3.6.2.
local
low complexity
nokia CWE-476
5.5
5.5
2021-04-02 CVE-2021-30003 Cross-site Scripting vulnerability in Nokia G-120W-F Firmware 3Fe46606Agab91
An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices.
network
low complexity
nokia CWE-79
4.8
4.8
2021-03-25 CVE-2021-26597 Unrestricted Upload of File with Dangerous Type vulnerability in Nokia Netact 18A
An issue was discovered in Nokia NetAct 18A.
network
low complexity
nokia CWE-434
6.5
6.5
2021-03-25 CVE-2021-26596 Cross-site Scripting vulnerability in Nokia Netact 18A
An issue was discovered in Nokia NetAct 18A.
network
low complexity
nokia CWE-79
5.4
5.4
2020-01-31 CVE-2014-3809 Cross-site Scripting vulnerability in Nokia products
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.
network
low complexity
nokia CWE-79
6.1
6.1
2019-11-25 CVE-2019-17406 Path Traversal vulnerability in Nokia Impact
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
network
low complexity
nokia CWE-22
5.3
5.3
2019-11-25 CVE-2019-17405 Cross-site Scripting vulnerability in Nokia Impact
Nokia IMPACT < 18A: has Reflected self XSS
network
low complexity
nokia CWE-79
6.1
6.1
2019-11-25 CVE-2019-17404 Path Traversal vulnerability in Nokia Impact
Nokia IMPACT < 18A: allows full path disclosure
network
low complexity
nokia CWE-22
4.3
4.3