Skip to main content

Univerge Sv9100 Webpro Firmware

2 CVEs product

Monthly

CVE-2018-11742 CRITICAL POC THREAT Act Now

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Univerge Sv9100 Webpro Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
14.3%
CVE-2018-11741 CRITICAL POC THREAT Act Now

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Univerge Sv9100 Webpro Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
17.9%
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Univerge Sv9100 Webpro Firmware
NVD Exploit-DB
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Univerge Sv9100 Webpro Firmware
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy