19 matches found
CVE-2025-8153
Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts...
NEC UNIVERGE IX 安全漏洞
The NEC UNIVERGE IX is a router from Nippon Electric NEC. A security vulnerability exists in NEC UNIVERGE IX. An attacker exploiting this vulnerability could hijack on-screen authentication on the device via the management interface...
CVE-2018-11741
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...
Default credentials
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI...
CVE-2018-11742
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI...
CVE-2018-11742
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI...
CVE-2018-11741
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=&GOTO8 URIs...
NEC Univerge Sv9100 WebPro 6.00.00 Predictable Session ID / Cleartext Passwords
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. 0day Vendor www.necam.com Affected Product Code Base NEC Univerge...
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage
''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. 0day Vendor www.necam.com Affected Product Code Base NEC...
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage
Exploit for hardware platform in category web applications ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B...
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download Vulnerability
NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file 'config.gz' or 'config.pcpx' that contains the unencrypted data file 'conf.pcpn', can be downloaded by an attacker from the root directory if...
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download Vendor: NEC Corporation Product web page: http://www.nec.com Affected version: WebPro =10.00 DSP Firmware Version: 12.11.00.02 Summary: NEC's UNIVERGEAr SV9100 is the unified communications UC solution of choice for small and...
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download
Summary NEC's UNIVERGE® SV9100 is the unified communications UC solution of choice for small and medium businesses SMBs who don't want to be left behind. Designed to fit your unique needs, the UNIVERGE SV9100 platform is a powerful communications solution that provides SMBs with the efficient,...
NEC UNIVERGE UM4730 < 11.8 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: NEC UNIVERGE UM4730 11.8 SQL injection Vulnerbility: SQL injection login bypass Date: 15-12-2016 Exploit Author: b0x41s Author web: https://www.xrayit.nl Vendor Homepage: https://www.nec-enterprise.com Category: webapps Version:...
NEC UNIVERGE UM4730 11.8 - SQL Injection
NEC UNIVERGE UM4730 11.8 - SQL Injection Exploit Title: NEC UNIVERGE UM4730 11.8 SQL injection Vulnerbility: SQL injection login bypass Date: 15-12-2016 Exploit Author: b0x41s Author web: https://www.xrayit.nl Vendor Homepage: https://www.nec-enterprise.com Category: webapps Version: 11.6.0.31...
NEC Universe UM4730 SQL Injection
Exploit Title: NEC UNIVERGE UM4730 11.8 SQL injection Vulnerbility: SQL injection login bypass Date: 15-12-2016 Exploit Author: b0x41s Author web: https://www.xrayit.nl Vendor Homepage: https://www.nec-enterprise.com Category: webapps Version: 11.6.0.31 Tested on: Windows server 2008 Description:...
NEC UNIVERGE UM4730 < 11.8 - SQL Injection
Exploit Title: NEC UNIVERGE UM4730 11.8 SQL injection Vulnerbility: SQL injection login bypass Date: 15-12-2016 Exploit Author: b0x41s Author web: https://www.xrayit.nl Vendor Homepage: https://www.nec-enterprise.com Category: webapps Version: 11.6.0.31 Tested on: Windows server 2008 Description:...
CVE-2005-4465
The CVE-2005-4465 entry concerns IKEv1 in NEC UNIVERGE IX1000/IX2000/IX3000, where crafted IKE packets can cause a denial of service and possibly arbitrary code execution, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Connected sources also reference related IKEv1 issues (CVE-2005-36...
CVE-2005-4465
The Internet Key Exchange version 1 IKEv1 implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...