Skip to main content

Ozeki Ng Sms Gateway

11 CVEs product

Monthly

CVE-2020-14030 HIGH PATCH This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
7.2
EPSS
1.8%
CVE-2020-14031 HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
7.2
EPSS
1.6%
CVE-2020-14028 HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
7.2
EPSS
1.9%
CVE-2020-14027 MEDIUM POC This Month

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-14026 HIGH POC This Week

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-14025 HIGH POC This Week

Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-14024 MEDIUM POC This Month

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-14023 MEDIUM POC This Month

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
4.9
EPSS
1.0%
CVE-2020-14022 HIGH POC This Week

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-14029 HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF XXE Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-14021 MEDIUM POC This Month

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub
CVSS 3.1
4.9
EPSS
1.1%
EPSS 2% CVSS 7.2
HIGH PATCH This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Ozeki Ng Sms Gateway
NVD GitHub
EPSS 2% CVSS 7.2
HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub
EPSS 2% CVSS 7.2
HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Ozeki Ng Sms Gateway
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF XXE Ozeki Ng Sms Gateway
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ozeki Ng Sms Gateway
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy