Netcrunch@10.6.0.4587 Security Vulnerabilities and Issues — Netcrunch@10.6.0.4587 CVE List

Lucene search

AdremsoftNetcrunch10.6.0.4587

4 matches found

CVE•added 2020/12/16 5:15 p.m.•38 views

CVE-2019-14481

AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client. Successful exploitation requires a logged-in user to open a malicious page and leads to account takeover.

5.8CVSS5.5AI score0.00115EPSS

CVE•added 2020/12/16 5:15 p.m.•37 views

CVE-2019-14479

AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read-only administrator can execute arbitrary code on the server running the NetCrunch server software.

9CVSS9AI score0.07617EPSS

CVE•added 2020/12/16 5:15 p.m.•34 views

CVE-2019-14476

AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other systems.

6.5CVSS6.4AI score0.00223EPSS

CVE•added 2020/12/16 5:15 p.m.•34 views

CVE-2019-14478

AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScrip...

5.4CVSS5.1AI score0.00343EPSS