Netcrunch Security Vulnerabilities and Issues — Netcrunch CVE List

Lucene search

AdremsoftNetcrunch

3 matches found

CVE•added 2020/12/16 5:15 p.m.•38 views

CVE-2019-14481

AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client. Successful exploitation requires a logged-in user to open a malicious page and leads to account takeover.

5.8CVSS5.5AI score0.00115EPSS

CVE•added 2020/12/16 5:15 p.m.•34 views

CVE-2019-14478

AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScrip...

5.4CVSS5.1AI score0.00343EPSS

CVE•added 2020/12/16 4:15 p.m.•33 views

CVE-2019-14477

AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted.

5.5CVSS5.5AI score0.00052EPSS