PT-2022-25613 · Nedi · Nedi

Name of the Vulnerable Software and Affected Versions: NeDi versions 1.0.7 and earlier Description: A vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. This is due t...

NeDi SQL Injection Vulnerability (CNVD-2021-22163)

NeDi is an open source software tool that discovers, maps and inventories network devices and tracks connected end nodes. A SQL injection vulnerability exists in the Monitoring History function in endpoint /Monitoring-History.php in NeDi 1.9C. An attacker can exploit this vulnerability to access...

NeDi Consulting NeDi Cross-Site Scripting Vulnerability

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi version 1.9C in pwsec.php, which can be exploited by attackers to conduct xss attacks...

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44587)

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability stems from a lack of proper validation of...

CVE-2018-20728

A cross site request forgery CSRF vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php...