Lucene search
K

5 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/02/24 12:0 a.m.29 views

SolarWinds Network Performance Monitor CredentialInitializer Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the CredentialInitializer function. The issue results from the lack o...

8.8CVSS7.6AI score0.80298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/11/23 12:0 a.m.25 views

SolarWinds Network Performance Monitor WebUserSettingsCrudHandler Improper Input Validation Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the CheckWhetherNonAdminAttemptsToModifyBlacklistedRecords function. The...

8.8CVSS2.8AI score0.0089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/09/20 12:0 a.m.29 views

SolarWinds Network Performance Monitor WriteToFile SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper...

8.8CVSS2.5AI score0.05091EPSS
Exploits0
OSV
OSV
added 2021/02/12 12:15 a.m.3 views

CVE-2020-27869

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the...

8.8CVSS7.4AI score
Exploits0References1
Prion
Prion
added 2020/02/17 5:15 p.m.15 views

Design/Logic Flaw

SolarWinds Network Performance Monitor Orion Platform 2018, NPM 12.3, NetPath 1.1.3 allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT...

3.5CVSS5.1AI score0.01363EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder