Lucene search
+L

86 matches found

Prion
Prion
added 2020/03/20 12:17 a.m.18 views

Command injection

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

10CVSS9.8AI score0.25279EPSS
Exploits5References1Affected Software1
CNVD
CNVD
added 2020/03/20 12:0 a.m.3 views

Unspecified Vulnerability in NETSAS Enigma NMS (CNVD-2020-18992)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS server 65.0.0 and earlier versions. The vulnerability can be exploited by an attacker to gain access to the system, read sensitive data and create,...

8.8CVSS6.8AI score0.00994EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.4 views

NETSAS Enigma NMS Cross-Site Scripting Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.4AI score0.00691EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.3 views

Netsas Enigma NMS Code Execution Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in the user and system file upload functionality in NETSAS Enigma NMS version 65.0.0 and earlier. An attacker can exploit the vulnerability to upload malicious files and...

9CVSS7.5AI score0.02239EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.2 views

NETSAS Enigma NMS Information Disclosure Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS version 65.0.0 and prior versions, which originates from the program not encrypting data stored in the SQL database. An attacker can exploit the...

6.5CVSS7.2AI score0.00756EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.4 views

NETSAS Enigma NMS Directory Traversal Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A path traversal vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from the failure of a network system or product to properly filter special elements in the...

9.6CVSS6.8AI score0.01306EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.6 views

Enigma NMS Privilege Control Bypass Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. An attacker can exploit this vulnerability to bypass authorization controls and perform operations as an administrator...

8.8CVSS6.9AI score0.01049EPSS
Exploits1
CNVD
CNVD
added 2020/03/20 12:0 a.m.5 views

NETSAS Enigma NMS Information Disclosure Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS version 65.0.0 and prior versions, which originates from the program's failure to encrypt sensitive data rendered in a web page. An attacker can...

7.5CVSS6.7AI score0.00666EPSS
Exploits0
CNVD
CNVD
added 2020/03/20 12:0 a.m.4 views

NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.4AI score0.00686EPSS
Exploits1References1
NVD
NVD
added 2020/03/19 11:15 p.m.49 views

CVE-2019-16068

A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious managefiles.cgi request. This can be triggered via XSS or an IFRAME tag included within the site...

8.8CVSS8.3AI score0.00947EPSS
Exploits5References1
NVD
NVD
added 2020/03/19 11:15 p.m.24 views

CVE-2019-16069

A number of stored Cross-site Scripting XSS vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol...

6.1CVSS6.2AI score0.00686EPSS
Exploits1References1
OSV
OSV
added 2020/03/19 11:15 p.m.6 views

CVE-2019-16068

A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious managefiles.cgi request. This can be triggered via XSS or an IFRAME tag included within the site...

8.8CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2020/03/19 11:15 p.m.6 views

CVE-2019-16069

A number of stored Cross-site Scripting XSS vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol...

6.1CVSS5.8AI score0.00686EPSS
Exploits1References1
NVD
NVD
added 2020/03/19 11:15 p.m.24 views

CVE-2019-16063

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data...

7.5CVSS7.5AI score0.00666EPSS
Exploits0References1
OSV
OSV
added 2020/03/19 11:15 p.m.7 views

CVE-2019-16063

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data...

7.5CVSS5.8AI score0.00666EPSS
Exploits0References1
Prion
Prion
added 2020/03/19 11:15 p.m.15 views

Cross site scripting

A number of stored Cross-site Scripting XSS vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol...

4.3CVSS6.1AI score0.00686EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/03/19 11:15 p.m.19 views

Code injection

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data...

5CVSS7.5AI score0.00666EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/03/19 11:15 p.m.12 views

Cross site request forgery (csrf)

A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious managefiles.cgi request. This can be triggered via XSS or an IFRAME tag included within the site...

6.8CVSS8.2AI score0.00947EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2020/03/19 11:6 p.m.120 views

CVE-2019-16072

Affected product: NETSAS Enigma NMS (65.0.0 and earlier). Vulnerability: OS command injection in the discover_and_manage CGI script, caused by improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action. Impact: attacker (authenticated) can execute arb...

10CVSS9.8AI score0.25279EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2020/03/19 11:6 p.m.26 views

CVE-2019-16072

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

9.8AI score0.25279EPSS
Exploits5References1
Rows per page
Query Builder