CVE-2018-14784

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device...

CVE-2018-14783

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...

Cross site request forgery (csrf)

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...

Authentication flaw

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication...

CVE-2018-14783

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...

CVE-2018-14784

The CVE is for NetComm NWL-25 (4G LTE Light Industrial M2M Router). Affected firmware: 2.0.29.11 and earlier. Vulnerability: cross-site scripting (CWE-79) allowing a remote attacker to run arbitrary code on the device. Documented impact: remote code execution with network access; exploitation det...

CVE-2018-14782

NetComm NWL-25 (4G LTE M2M router) firmware 2.0.29.11 and earlier is affected by CVE-2018-14782, an information-disclosure vulnerability where configuration files and profiles can be accessed without authentication. The issue affects the NWL-25 and is documented by multiple sources (NVD entry and...

CVE-2018-14782

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user...

CVE-2018-14784

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device...

CVE-2018-14785

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication...

CVE-2018-14785

CVE-2018-14785 affects NetComm NWL-25 (4G LTE Light Industrial M2M Router) with firmware 2.0.29.11 and earlier. The vulnerability is an information exposure through directory listing, allowing access to device configuration/catalog files without authentication. The ICSA advisory confirms affected...

CVE-2018-14783

CVE-2018-14783 is a Cross-Site Request Forgery vulnerability in NetComm NWL-25 4G LTE Light Industrial M2M Router. AFFECTED PRODUCTS: NWL-25 with firmware 2.0.29.11 and earlier. ROOT CAUSE/IMPACT: CSRF allows an attacker to remotely change the device password, with high impact (C/H, I/H, A/H in C...

The vulnerability of the “ping.cgi” script in the embedded software of the NetCommWireless HSPA 3G10WVE router allows a hacker to execute arbitrary commands.

The vulnerability of the “ping.cgi” script in the embedded software of the NetCommWireless HSPA 3G10WVE router is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the “DIAIPADDRESS” parameter, by...

NetComm Wireless 4GT101W Router Information Disclosure Vulnerability

NetComm Wireless 4GT101W routers is a wireless router product from NetComm Wireless Australia. A security vulnerability in NetComm Wireless 4GT101W routers running hardware version 0.01/software version V1.1.8.8/bootloader version 1.1.3 stems from the program's failure to perform an authenticatio...

NetComm Wireless 4GT101W Router Cross-Site Scripting Vulnerability

NetComm Wireless 4GT101W routers is a wireless router product from NetComm Wireless Australia. A cross-site scripting vulnerability exists in NetComm Wireless 4GT101W routers running hardware version 0.01/software version V1.1.8.8/bootloader version 1.1.3. A remote attacker can exploit this...

NetComm Wireless 4GT101W Router Cross-Site Request Forgery Vulnerability

NetComm Wireless 4GT101W routers is a wireless router product from NetComm Wireless Australia. A cross-site request forgery vulnerability exists in NetComm Wireless 4GT101W routers running hardware version 0.01/software version V1.1.8.8/bootloader version 1.1.3. A remote attacker could exploit th...

CVE-2017-11647

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...

Design/Logic Flaw

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...

Cross site request forgery (csrf)

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...

CVE-2017-11645

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...