• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

netis-systems

CVE-2018-6391

February 26, 2023 by

A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.

CVE-2018-6190

February 26, 2023 by

Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.

CVE-2018-5967

February 26, 2023 by

Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page.

CVE-2018-25069

February 26, 2023 by

A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability.

CVE-2020-8946

February 26, 2023 by

Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter.

CVE-2019-8985

February 26, 2023 by

On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP “Authorization: Basic” header that is mishandled by user_auth->user_ok in /bin/boa.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE