CVE-2025-5306

CVE-2025-5306 describes a command-injection vulnerability in Pandora FMS, specifically in the Netflow component. The issue is triggered by improper neutralization of special elements in the Netflow directory field, affecting Pandora FMS versions 774–778. Connected sources confirm a concrete explo...

CVE-2025-5306 Command Injection in Netflow path

Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778...

EUVD-2025-19256

Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778...

Pandora FMS 安全漏洞

Pandora FMS is a monitoring system from Pandora FMS, USA. The system monitors networks, servers, virtual infrastructures, applications, etc. through visualization. A security vulnerability exists in Pandora FMS versions 774 to 778, which stems from improper neutralization of special elements of t...

VulnCheck KEV: CVE-2018-12998

A reflected Cross-site scripting XSS vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to...

CVE-2025-41437

CVE-2025-41437 affects several ManageEngine products (OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer, and OpUtils). The vulnerability is a Reflected XSS on the login page caused by an issue in the login handling, affecting versions 128565 and below. Impact: credenti...

ZOHO多款产品 安全漏洞

ZOHO ManageEngine Netflow Analyzer and so on are products of ZOHO USA.ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools.ZOHO ManageEngine Firewall Analyzer is a ZOHO ManageEngine Firewall Analyzer is a set of Web-based firewall log analysis tools, ZOHO ManageEngi...

CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

CVE-2019-7426

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter...

CVE-2019-7427

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter...

CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

DEBIAN-CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

UBUNTU-CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor built on multiple packet capture engines by the individual developer Pavel Odintsov. A security vulnerability exists in FastNetMon 1.2.7 and earlier versions, which stems from the presence of a zero-length template for Netflow v9, which allows...

CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

PT-2024-9990 · Unknown · Fastnetmon Community Edition

Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions 1.2.7 and earlier Description: An issue was discovered that allows remote attackers to cause a denial of service. This is due to zero-length templates for Netflow v9, which can lead to a divide-by-zero...

Plixer Scrutinizer NetFlow And SFlow Analyzer HTTP Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass', 'Description' = %q This will add an administrative account to...

ManageEngine NetFlow Analyzer Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine NetFlow Analyzer Arbitrary File Download', 'Description' = %q This module exploits an arbitrary file download vulnerability in...