CVE-2024-38972

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/...

CVE-2024-38972

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/...

CVE-2024-40732

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/...

PT-2024-29010 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: netbox version 4.0.3 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at "/dcim/rear-ports/add/". Recommendations: For netbox versio...

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

CVE-2024-40726

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/id/edit/...

The vulnerability of the LenelS2 NetBox access control and event monitoring system lies in the lack of measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands and increase their privileges.

The vulnerability of the LenelS2 NetBox access control and event monitoring system lies in the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and increase their...

The vulnerability of the LenelS2 NetBox access control and event monitoring system, related to the implementation or modification of arguments, allows a intruder to execute arbitrary commands.

The vulnerability of the LenelS2 NetBox access control and event monitoring system is related to the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability of the LenelS2 NetBox access control and event monitoring system, which relies on strictly encrypted user credentials, allows a perpetrator to bypass the authentication process.

The vulnerability of the LenelS2 NetBox access control and event monitoring system lies in the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...

CVE-2024-2422

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

CVE-2024-2422

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

CVE-2024-2421

LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions...

CVE-2024-2420

LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...

CVE-2024-2420

LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...

CVE-2024-2421

LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions...

CVE-2024-2422 LenelS2 NetBox Improper Neutralization of Argumented Delimiters

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

CVE-2024-2422

LenelS2 NetBox (LenelS2/Carrier) is affected by CVE-2024-2422, an authenticated RCE in NetBox versions up to and including 5.6.1. The vulnerability affects the NetBox access control and event monitoring system and can allow an attacker to execute arbitrary commands with elevated privileges. Remed...

CVE-2024-2422 LenelS2 NetBox Improper Neutralization of Argumented Delimiters

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands...

CVE-2024-2421 LenelS2 NetBox Improper Neutralization of Special Elements

LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions...

CVE-2024-2421 LenelS2 NetBox Improper Neutralization of Special Elements

LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions...