Skip to main content

Netmodule Router Software

6 CVEs product

Monthly

CVE-2023-46306 MEDIUM This Month

The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

PHP Command Injection Netmodule Router Software
NVD
CVSS 3.1
6.6
EPSS
1.0%
CVE-2023-0862 HIGH This Week

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netmodule Router Software
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2023-0861 HIGH This Week

NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Netmodule Router Software
NVD
CVSS 3.1
8.8
EPSS
28.7%
CVE-2021-39291 HIGH POC This Week

Certain NetModule devices allow credentials via GET parameters to CLI-PHP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netmodule Router Software
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-39290 CRITICAL POC Act Now

Certain NetModule devices allow Limited Session Fixation via PHPSESSID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Session Fixation Netmodule Router Software
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-39289 HIGH POC This Week

Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption), These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netmodule Router Software
NVD
CVSS 3.1
7.5
EPSS
1.1%
EPSS 1% CVSS 6.6
MEDIUM This Month

The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

PHP Command Injection Netmodule Router Software
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Netmodule Router Software
NVD
EPSS 29% CVSS 8.8
HIGH This Week

NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Netmodule Router Software
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Certain NetModule devices allow credentials via GET parameters to CLI-PHP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netmodule Router Software
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Certain NetModule devices allow Limited Session Fixation via PHPSESSID. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Session Fixation Netmodule Router Software
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption), These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netmodule Router Software
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy