3 matches found
CVE-2023-46306
NetModule Router Software (NRSW) versions affected: 4.6.x before 4.6.0.106 and 4.8.x before 4.8.0.101. The web admin interface constructs OS commands from unsanitized input in /admin/gnssAutoAlign.php device_id, due to a race/cleanup timing issue enabling execution of arbitrary commands with elev...
CVE-2023-0861
CVE-2023-0861 affects NetModule NSRW web administration interface. An authenticated user can trigger an OS command injection via unsanitized input, gaining elevated privileges and arbitrary command execution. Affected NSRW versions include 4.3.0.0 prior to 4.3.0.119, 4.4.0.0 prior to 4.4.0.118, 4...
CVE-2023-0862
The CVE-2023-0862 entry describes a path-traversal vulnerability in NetModule NSRW web administration interface. Affected NSRW versions: 4.3.0.0 before 4.3.0.119, 4.4.0.0 before 4.4.0.118, 4.6.0.0 before 4.6.0.105, and 4.7.0.0 before 4.7.0.103. Attackers could upload malicious files to the web ro...