Skip to main content

Sinec Network Management System

8 CVEs product

Monthly

CVE-2022-22965 Maven CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection Tomcat Spring Framework +37
NVD
CVSS 3.1
9.8
EPSS
99.7%
CVE-2022-25311 HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Sinec Network Management System Sinema Server
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2022-24282 HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java RCE Sinec Network Management System
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-24281 HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Sinec Network Management System
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2021-37201 HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Sinec Network Management System
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-37200 HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Sinec Network Management System
NVD
CVSS 3.1
7.7
EPSS
37.4%
CVE-2021-33721 HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Sinec Network Management System
NVD
CVSS 3.1
7.2
EPSS
2.7%
CVE-2020-7580 MEDIUM This Month

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions),. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Simatic Automatic Tool Simatic Net Pc Simatic Pcs 7 Simatic Pcs Neo +13
NVD
CVSS 3.1
6.7
EPSS
0.4%
EPSS 100% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection +39
NVD
EPSS 1% CVSS 7.3
HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Sinec Network Management System Sinema Server
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Java RCE +1
NVD
EPSS 3% CVSS 7.2
HIGH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Sinec Network Management System
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Sinec Network Management System
NVD
EPSS 37% CVSS 7.7
HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Sinec Network Management System
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE Command Injection Sinec Network Management System
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions),. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Simatic Automatic Tool Simatic Net Pc +15
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy