Lucene search
+L

26 matches found

Cvelist
Cvelist
added 2023/01/27 12:0 a.m.30 views

CVE-2022-39813

Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/jsecuritycheck via the jusername parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The...

6.1AI score0.0047EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/27 12:0 a.m.28 views

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request not possible using the GUI to an arbitrary directory. Because th...

7.6AI score0.00961EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.8 views

Italtel NetMatch-S CI 路径遍历漏洞

Italtel NetMatch-S CI is Italtel's first "In-Cloud" SBC designed for deployment in data center/cloud environments in accordance with emerging IT practices and telecom specifications NFV. A security vulnerability exists in Italtel NetMatch-S CI version 5.2.0-20211008, which stems from the presence...

7.5CVSS7.4AI score0.00961EPSS
Exploits1References2
CVE
CVE
added 2023/01/27 12:0 a.m.50 views

CVE-2022-39811

This CVE (CVE-2022-39811) affects Italtel NetMatch-S CI 5.2.0-20211008. The root cause is incorrect access control in NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader, where permissions are not verified for resource access. As described, an attacker could view pages that should ...

9.1CVSS9AI score0.00823EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/01/27 12:0 a.m.56 views

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 is affected by an Absolute Path Traversal vulnerability in NMSCI-WebGui/SaveFileUploader. An unauthenticated attacker can upload files to an arbitrary path by changing the uploadDir parameter in a POST request (GUI cannot do this), potentially leading to unaut...

7.5CVSS7.3AI score0.00961EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/01/27 12:0 a.m.58 views

CVE-2022-39813

CVE-2022-39813 affects Italtel NetMatch-S CI 5.2.0-20211008. The vulnerability is described as multiple Reflected/Stored XSS issues in NMSCIWebGui/j_security_check (via j_username) and NMSCIWebGui/actloglineview.jsp (via name or actLine), allowing an attacker to inject arbitrary JavaScript. The p...

6.1CVSS5.9AI score0.0047EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder