16 matches found
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
CVE-2022-38625
Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position i...
Privilege escalation
DISPUTED Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's...
CVE-2022-38625
Affected product: Patlite NH-FB (versions 1.46 and earlier). Issue: Insufficient firmware validation during the upgrade firmware file upload process, enabling authenticated attackers to upload their own custom firmware and inject malicious code. Root cause / details: Documented as a design choice...
CVE-2022-38625
Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position i...
CVE-2022-38625
Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. This vulnerability allows authenticated attackers to create and upload their own custom-built firmware and inject malicious code. NOTE: the vendor's position i...
PT-2022-24489 · Patlite · Patlite Nh-Fb
Name of the Vulnerable Software and Affected Versions: Patlite NH-FB versions 1.46 and below Description: The issue is related to insufficient firmware validation during the upgrade firmware file upload process. This allows authenticated attackers to create and upload their own custom-built...
Patlite 数据伪造问题漏洞
Patlite is a network monitoring indicator from Patlite Japan. It is used to detect network anomalies with instant notification by light, sound and email. A data forgery issue vulnerability exists in Patlite NH-FB v1.46 and earlier versions, which stems from insufficient firmware validation. The...
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
Design/Logic Flaw
DISPUTED On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced."...
CVE-2022-35911
Summary (CVE-2022-35911): Patlite NH-FB series devices up to firmware 1.46 are affected. The issue is described as a remote-denial-of-service condition triggered by omitting the query string in requests, though vendor notes dispute the DoS effect and indicate the event may not be reproducible. Pu...
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
CVE-2018-18473
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the...
CVE-2018-18473
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the...
CVE-2018-18473
The CVE describes a backdoor in PATLITE NH-FB (firmware ≤1.45), NH-FV (≤1.10), and NBM (≤1.09) series devices. An attacker can enable an SSH daemon via the _secret1.htm URI using the passwords “kankichi” or “kamiyo4,” after which the default root password enables remote code execution and full sy...