27 matches found
CVE-2025-8800
A vulnerability has been found in Open5GS up to 2.7.5. Affected by this issue is the function esmhandlepdnconnectivityrequest of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version...
CVE-2022-43675
An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all...
CVE-2022-39820
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom199/OTNEDRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /ro...
CVE-2022-41762
An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl...
CVE-2022-43675
An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all...
CVE-2022-41760
An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files...
CVE-2022-41762
An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl...
CVE-2022-41760
An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files...
Cross site scripting
An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all...
Path traversal
An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files...
Design/Logic Flaw
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom199/OTNEDRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /ro...
Cross site scripting
An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl...
CVE-2022-43675
An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all...
CVE-2022-43675
An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all...
CVE-2022-41762
An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl...
CVE-2022-41760
An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files...
CVE-2022-39820
In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom199/OTNEDRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /ro...
PT-2023-14284 · Nokia · Nokia Nfm-T
Name of the Vulnerable Software and Affected Versions: NOKIA NFM-T version R19.9 Description: An issue exists in the Network Element Manager, specifically a Reflected XSS. This issue can be exploited via several API endpoints, including "/oms1350/pages/otn/cpbLogDisplay" via the filename paramete...
CVE-2022-41760
CVE-2022-41760 concerns Nokia NFM-T R19.9. Affected: Nokia NFM-T Network Element Manager. Vulnerability: Relative Path Traversal under /oms1350/data/cpb/log via the filename parameter, allowing a remote authenticated attacker to read arbitrary files. Connected sources corroborate the issue across...
CVE-2022-43675
CVE-2022-43675 (Nokia NFM-T R19.9) is a reflected XSS in the Network Element Manager. The issue affects NOKIA NFM-T vR19.9, with vulnerability in the Network Element Manager exposed via endpoints: "/oms1350/pages/otn/cpbLogDisplay" (filename parameter), "/oms1350/pages/otn/connection/E2ERoutingDi...