CVE-2018-15138

Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...

CVE-2018-15138

Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...

CVE-2018-15138

Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...

Ericson-LG iPECS NMS 30M Directory Traversal Vulnerability

The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A directory traversal vulnerability exists in Ericsson-LG iPECS NMS 30M. An attacker can exploit the vulnerability to directly download configuration files...

Ericson-LG iPECS NMS SQL Injection Vulnerability

The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A SQL injection vulnerability exists in the User ID and password fields of the login portal in Ericsson-LG iPECS NMS version A.1Ac. A remote attacker can exploit this vulnerability to bypass the login page and...

Ericson-LG iPECS NMS Information Disclosure Vulnerability

The Ericsson-LG iPECS NMS is a network management solution from Ericson-LG in Korea. A security vulnerability exists in the web application in Ericsson-LG iPECS NMS version A.1Ac. The vulnerability can be exploited by an attacker to obtain sensitive information e.g., NMS admin credentials and...

CVE-2018-10285

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication...

CVE-2018-9245

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...

CVE-2018-9245

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system...