CVE-2021-39289

CVE-2021-39289 affects NetModule Router Software (NRSW) and various NetModule NB devices where passwords are stored in cleartext or with reversible encryption. Affected devices include NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, a...

CVE-2021-39291

CVE-2021-39291 affects NetModule Router Software (NRSW) across multiple NB series devices. Vulnerability: credentials can be exposed via GET parameters to the CLI-PHP interface, on NetModule NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3...

CVE-2021-39290

CVE-2021-39290 affects NetModule Router Software (NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, NB3800) with firmware older than 4.3.0.113 (NB800) or older than 4.4.0.111 (NB1600/1601/1800/1810) or older than 4.5.0.105 (NB2700/2710/...

CVE-2023-0861

CVE-2023-0861 affects NetModule NSRW web administration interface. An authenticated user can trigger an OS command injection via unsanitized input, gaining elevated privileges and arbitrary command execution. Affected NSRW versions include 4.3.0.0 prior to 4.3.0.119, 4.4.0.0 prior to 4.4.0.118, 4...

CVE-2023-46306

NetModule Router Software (NRSW) versions affected: 4.6.x before 4.6.0.106 and 4.8.x before 4.8.0.101. The web admin interface constructs OS commands from unsanitized input in /admin/gnssAutoAlign.php device_id, due to a race/cleanup timing issue enabling execution of arbitrary commands with elev...

CVE-2023-0862

The CVE-2023-0862 entry describes a path-traversal vulnerability in NetModule NSRW web administration interface. Affected NSRW versions: 4.3.0.0 before 4.3.0.119, 4.4.0.0 before 4.4.0.118, 4.6.0.0 before 4.6.0.105, and 4.7.0.0 before 4.7.0.103. Attackers could upload malicious files to the web ro...