CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

9.8CVSS9.7AI score0.00103EPSS

Exploits0References2

Prion•added 2023/08/21 1:15 a.m.•14 views

Sql injection

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...

7.5CVSS9.8AI score0.00082EPSS

Exploits0References2Affected Software1

Prion•added 2023/08/21 1:15 a.m.•16 views

Hardcoded credentials

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

7.5CVSS9.6AI score0.00103EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/08/21 12:0 a.m.•11 views

CVE-2023-39807

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...

8.3AI score0.00082EPSS

Exploits0References2

CVE•added 2023/08/21 12:0 a.m.•37 views

CVE-2023-39807

CVE-2023-39807 affects N.V.K. INTER CO., LTD. iBSG v3.5. The vulnerability is a SQL injection via the a_passwd parameter in the /portal/user-register.php endpoint, enabling potential unauthorized data access or manipulation. The CVSS v3.1 metrics indicate a high-severity, network-exposed issue wi...

9.8CVSS9.7AI score0.00082EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/08/21 12:0 a.m.•9 views

CVE-2023-39808

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...

7.5AI score0.00103EPSS

Exploits0References2

Vulnrichment•added 2023/08/21 12:0 a.m.•9 views

CVE-2023-39809

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...

8AI score0.00632EPSS

Exploits0References2

Cvelist•added 2023/08/21 12:0 a.m.•10 views

CVE-2023-39809

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...

10AI score0.00632EPSS

Exploits0References2

CVE•added 2023/08/21 12:0 a.m.•33 views

CVE-2023-39809

CVE-2023-39809 affects NVK iBSG v3.5, with a command injection vulnerability through the system_hostname parameter at /manage/network-basic.php. The CVSS 3.1 vector shows high impact (C/H/I/A) and network access with no privileges required, no user interaction, and unchanged scope. The available ...

9.8CVSS9.7AI score0.00632EPSS

Exploits0References2Affected Software1

CVE•added 2023/08/21 12:0 a.m.•37 views

CVE-2023-39808

CVE-2023-39808 affects N.V.K. INTER iBSG v3.5. The vulnerability stems from a hardcoded root password, enabling an attacker to log in with root privileges over SSH. Public sources corroborate the issue and assign a high severity (CVSSv3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No exploitatio...

9.8CVSS9.5AI score0.00103EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/08/21 12:0 a.m.•12 views

CVE-2023-39807

N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...

10AI score0.00082EPSS

Exploits0References2