2 matches found
CVE-2016-6534
CVE-2016-6534 affects Opmantek NMIS prior to 4.3.7c (and potential exposure in non-default configurations for versions earlier than 8.5.12G). The vulnerability is a command injection via the tools.pl CGI script, exploitable through the following utilities: man, finger, ping, trace, and nslookup. ...
CVE-2016-5642
CVE-2016-5642 affects Opmantek NMIS prior to 8.5.12G, with a cross-site scripting (XSS) flaw exploitable via SNMP. A remote attacker with SNMP access can inject arbitrary web script or HTML into NMIS web sessions, potentially impacting user-facing interfaces. Public sources in connected documents...