Lucene search

K

Netcomm Security Vulnerabilities

cve
cve

CVE-2022-4873

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known...

9.8CVSS

9.6AI Score

0.002EPSS

2023-01-11 09:15 PM
25
In Wild
cve
cve

CVE-2022-4874

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake...

7.5CVSS

7.7AI Score

0.002EPSS

2023-01-11 09:15 PM
24
In Wild
cve
cve

CVE-2017-11645

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or...

9.8CVSS

9.5AI Score

0.003EPSS

2017-07-28 05:29 AM
24
cve
cve

CVE-2017-11646

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the...

8.8CVSS

8.7AI Score

0.001EPSS

2017-07-28 05:29 AM
24
cve
cve

CVE-2017-11647

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful...

5.4CVSS

5AI Score

0.001EPSS

2017-07-28 05:29 AM
27
cve
cve

CVE-2017-5900

Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 allows remote authenticated users to inject arbitrary web script or HTML via the S801F0334 parameter to...

5.4CVSS

5AI Score

0.001EPSS

2017-03-29 02:59 PM
22
4
cve
cve

CVE-2005-0895

Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping...

7AI Score

0.013EPSS

2005-05-02 04:00 AM
25