Vulners
Lucene search
Netsweeper 3.0.6 - Open Redirection
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | Netsweeper 3.0.6 - Authentication Bypass / Open Redirection Vulnerabilities | 13 Aug 201500:00 | – | zdt |
 | CVE-2014-9617 | 19 Feb 202020:02 | – | cve |
 | CVE-2014-9617 | 19 Feb 202020:02 | – | cvelist |
 | CVE-2014-9617 | 19 Feb 202021:15 | – | nvd |
 | Open redirect | 19 Feb 202021:15 | – | prion |
id: CVE-2014-9617
info:
name: Netsweeper 3.0.6 - Open Redirection
author: daffainfo
severity: medium
description: An open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
impact: |
An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks or the download of malware.
remediation: |
Apply the latest security patches or updates provided by the vendor to fix the open redirection vulnerability.
reference:
- https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
- https://nvd.nist.gov/vuln/detail/CVE-2014-9617
- http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2014-9617
cwe-id: CWE-601
epss-score: 0.08013
epss-percentile: 0.94034
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: netsweeper
product: netsweeper
tags: cve2014,cve,netsweeper,redirect,packetstorm,xss,vuln
http:
- method: GET
path:
- "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 4a0a00473045022100cf55cd308f1bc538df939dfc5741e2ac57c1ea4b1007c1b25591cadfba42cc73022067183d35e827325706fbec33ace3b277ad536a7db89cda81eef5bab8b836bf8c:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS 25.8
CVSS 3.16.1
EPSS0.08013