The vulnerability of the microprogramming software of the 4G LTE Light Industrial M2M Router (NWL-25) arises from the lack of measures taken to protect the website structure. This allows attackers to execute arbitrary JavaScript code in the user’s browser.

The vulnerability of the microprogrammed software of the 4G LTE Light Industrial M2M Router NWL-25 is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

NetComm NWL-25 Cross-Site Request Forgery Vulnerability

The NetComm NWL-25 is a 4G LTE industrial grade M2M router. A cross-site request forgery vulnerability exists in the NetComm NWL-25 using firmware version 2.0.29.11 and earlier, which can be exploited by an attacker to remotely change the password of the device...

NetComm NWL-25 Device Directory Disclosure Vulnerability

The NetComm NWL-25 is a 4G LTE industrial grade M2M router. A device catalog disclosure vulnerability exists in the NetComm NWL-25 using firmware version 2.0.29.11 and earlier, which can be exploited by an attacker to obtain the device's catalog...

NetComm NWL-25 Information Disclosure Vulnerability

The NetComm NWL-25 is a 4G LTE industrial grade M2M router. An information disclosure vulnerability exists in the NetComm NWL-25 using firmware version 2.0.29.11 and earlier, which can be exploited by an attacker to access configuration files without authentication...

CVE-2018-14782

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user...

CVE-2018-14783

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...

CVE-2018-14784

The CVE is for NetComm NWL-25 (4G LTE Light Industrial M2M Router). Affected firmware: 2.0.29.11 and earlier. Vulnerability: cross-site scripting (CWE-79) allowing a remote attacker to run arbitrary code on the device. Documented impact: remote code execution with network access; exploitation det...

CVE-2018-14783

CVE-2018-14783 is a Cross-Site Request Forgery vulnerability in NetComm NWL-25 4G LTE Light Industrial M2M Router. AFFECTED PRODUCTS: NWL-25 with firmware 2.0.29.11 and earlier. ROOT CAUSE/IMPACT: CSRF allows an attacker to remotely change the device password, with high impact (C/H, I/H, A/H in C...

CVE-2018-14784

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device...