14 matches found
CVE-2024-32499
CVE-2024-32499 affects Newforma Project Center Server up to version 2023.3.0.32259, where remote code execution is possible because .NET Remoting is exposed. The connected PT-security entry confirms the vulnerability class and impact, describing that remote code execution can occur via exposed .N...
CVE-2025-35051
CVE-2025-35051 affects Newforma Project Center Server (NPCS). The vulnerability exists because NPCS accepts serialized .NET data via the “/ProjectCenter.rem” endpoint on port 9003, enabling a remote, unauthenticated attacker to execute arbitrary code with the NT AUTHORITY\NetworkService privilege...
CVE-2025-35050
Summary: CVE-2025-35050 affects Newforma Info Exchange (NIX), where insecure deserialization of serialized .NET data via the /remoteweb/remote.rem endpoint allows a remote, unauthenticated attacker to execute arbitrary code with NT AUTHORITY\NetworkService privileges. The vulnerable endpoint is u...
CVE-2025-35053
Summary of findings (CVE-2025-35053): Newforma Info Exchange (NIX) exposes a vulnerability in the endpoint "/UserWeb/Common/MarkupServices.ashx" where the command DownloadExportedPDF allows an authenticated user to read and delete arbitrary files with the NT AUTHORITY\NetworkService privileges. T...
CVE-2025-35055
Newforma Info Exchange (NIX) contains a file-upload vulnerability in /UserWeb/Common/UploadBlueimp.ashx that allows an authenticated attacker to upload arbitrary files to writable locations, enabling web-shell execution or directory deletion. Related CNVD and Red Hat entries describe a broader ri...
CVE-2025-35058
Newforma Info Exchange (NIX) contains a vulnerable endpoint /UserWeb/Common/MarkupServices.ashx that can be triggered by a remote, unauthenticated attacker to force NIX to establish an SMB connection to an attacker‑controlled system, enabling the attacker to capture the NTLMv2 hash of the configu...
CVE-2025-35056
Affected product: Newforma Info Exchange (NIX).Vulnerability: The StreamStampImage endpoint (/UserWeb/Common/MarkupServices.ashx) accepts an encrypted file path and returns an image of the specified file. The path is generated with a shared, hard-coded key described in CVE-2025-35052, enabling an...
CVE-2025-35052
Newforma Info Exchange (NIX) has a vulnerability where a shared, hard-coded key is used to encrypt certain query parameters, allowing an attacker with valid NIX access to specify encrypted file paths (e.g., via StreamStampImage in /UserWeb/Common/MarkupServices.ashx) and read arbitrary files with...
CVE-2025-35061
Newforma Info Exchange (NIX) is affected via the NPCSRemoteWeb/LegacyIntegrationServices.asmx endpoint. An unauthenticated remote attacker can cause NIX to initiate an SMB connection to a system under attacker control, enabling capture of the NTLMv2 hash of the NIX service account. This informati...
CVE-2025-35054
CVE-2025-35054 affects Newforma Info Exchange (NIX). The root issue is insufficient protection of credentials stored in HKLM\Software\WOW6432Node\Newforma\Credentials, where both the credentials and the encryption key reside in the same registry location. Authenticated users can access both, and ...
CVE-2025-35062
Newforma Info Exchange (NIX) before version 2023.1 allows anonymous authentication by default, enabling an unauthenticated attacker to exploit additional vulnerabilities that require authentication. Related sources describe bypass and file-read/upload issues tied to authenticated access and the p...
CVE-2025-35057
Newforma Info Exchange (NIX) has a vulnerability in the /RemoteWeb/IntegrationServices.ashx endpoint that allows a remote, unauthenticated attacker to coerce NIX into making an SMB connection to an attacker-controlled system, enabling the attacker to capture the NTLMv2 hash of the NIX service acc...
CVE-2025-35059
Newforma Info Exchange (NIX) exposes an open redirect vulnerability via the unauthenticated nhl parameter in the endpoint /DownloadWeb/hyperlinkredirect.aspx. Multiple sources (CNVD-2025-25475, RH/CVE-2025-35059, EUVD-2025-33568, NVD, CNNVD, etc.) describe an open redirection that can be triggere...
CVE-2025-35060
CVE-2025-35060 concerns Newforma Info Exchange (NIX): the remote, authenticated attacker can upload SVG files via the Send a File Transfer feature, leading to stored XSS when the SVG content is rendered in a browser (notably with a mobile user agent). Several connected sources corroborate a cross...