Skip to main content

Advisor Network

3 CVEs product

Monthly

CVE-2024-38447 HIGH POC This Week

NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report (that belongs to an arbitrary user). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Advisor Network
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-38446 MEDIUM POC This Month

NATO NCI ANET 3.4.1 mishandles report ownership. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Advisor Network
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-31441 MEDIUM POC This Month

In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Advisor Network
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
EPSS 0% CVSS 8.1
HIGH POC This Week

NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report (that belongs to an arbitrary user). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Advisor Network
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

NATO NCI ANET 3.4.1 mishandles report ownership. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Advisor Network
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Advisor Network
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy