Esafenet Cdg vulnerabilities
53 known vulnerabilities affecting esafenet/cdg.
Total CVEs
53
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL22HIGH23MEDIUM8
Vulnerabilities
Page 2 of 3
CVE-2025-0789P3HIGHCVSS 8.8v5vV52025-01-28
CVE-2025-0789 [HIGH] CWE-74 CVE-2025-0789: A vulnerability classified as critical has been found in ESAFENET CDG V5. This affects an unknown pa
A vulnerability classified as critical has been found in ESAFENET CDG V5. This affects an unknown part of the file /doneDetail.jsp. The manipulation of the argument flowId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosu
nvd
CVE-2025-0786P3HIGHCVSS 8.8v5vV52025-01-28
CVE-2025-0786 [HIGH] CWE-74 CVE-2025-0786: A vulnerability was found in ESAFENET CDG V5. It has been classified as critical. Affected is an unk
A vulnerability was found in ESAFENET CDG V5. It has been classified as critical. Affected is an unknown function of the file /appDetail.jsp. The manipulation of the argument flowId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this
nvd
CVE-2025-3399P3CRITICALCVSS 9.8v5.6.3.154.205_202501142025-04-08
CVE-2025-3399 [CRITICAL] CWE-74 CVE-2025-3399: A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5.6.3.154.205_2025
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5.6.3.154.205_20250114. Affected by this issue is some unknown functionality of the file /pubinfo/updateNotice.jsp. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be u
nvd
CVE-2024-10277P3CRITICALCVSS 9.8v52024-10-23
CVE-2024-10277 [CRITICAL] CWE-89 CVE-2024-10277: A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is so
A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is some unknown functionality of the file /com/esafenet/servlet/ajax/UsbKeyAjax.java. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor
nvd
CVE-2024-10595P3CRITICALCVSS 9.8v52024-10-31
CVE-2024-10595 [CRITICAL] CWE-89 CVE-2024-10595: A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vuln
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delFile/delDifferCourseList of the file /com/esafenet/servlet/ajax/PublicDocInfoAjax.java. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be
nvd
CVE-2024-10613P3HIGHCVSS 8.8v52024-11-01
CVE-2024-10613 [HIGH] CWE-89 CVE-2024-10613: A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vuln
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to
nvd
CVE-2024-10612P3HIGHCVSS 8.8v52024-11-01
CVE-2024-10612 [HIGH] CWE-89 CVE-2024-10612: A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the fun
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.java. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public a
nvd
CVE-2024-10594P3HIGHCVSS 8.8v52024-10-31
CVE-2024-10594 [HIGH] CWE-89 CVE-2024-10594: A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the fun
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The manipulation of the argument fileId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma
nvd
CVE-2024-10596P3HIGHCVSS 8.8v52024-10-31
CVE-2024-10596 [HIGH] CWE-89 CVE-2024-10596: A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue i
A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and
nvd
CVE-2024-10134P3HIGHCVSS 8.8v52024-10-19
CVE-2024-10134 [HIGH] CWE-89 CVE-2024-10134: A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is th
A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is the function connectLogout of the file /com/esafenet/servlet/ajax/MultiServerAjax.java. The manipulation of the argument servername leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. T
nvd
CVE-2024-10133P3HIGHCVSS 8.8v52024-10-19
CVE-2024-10133 [HIGH] CWE-89 CVE-2024-10133: A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulner
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPolicyAjax.java. The manipulation of the argument id/frontId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to th
nvd
CVE-2024-10069P3HIGHCVSS 8.8v52024-10-17
CVE-2024-10069 [HIGH] CWE-89 CVE-2024-10069: A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue i
A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function actionPassMainApplication of the file /com/esafenet/servlet/client/MailDecryptApplicationService.java. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the p
nvd
CVE-2025-1840P3CRITICALCVSS 9.8v5.6.3.154.2052025-03-03
CVE-2025-1840 [CRITICAL] CWE-74 CVE-2025-1840: A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by
A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the argument flowId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and
nvd
CVE-2024-10135P3HIGHCVSS 8.8v52024-10-19
CVE-2024-10135 [HIGH] CWE-89 CVE-2024-10135: A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the fu
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the function actionDelNetSecConfig of the file /com/esafenet/servlet/netSec/NetSecConfigService.java. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m
nvd
CVE-2024-10501P3HIGHCVSS 8.8v52024-10-30
CVE-2024-10501 [HIGH] CWE-89 CVE-2024-10501: A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the fun
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Th
nvd
CVE-2024-10610P3HIGHCVSS 8.8v52024-11-01
CVE-2024-10610 [HIGH] CWE-89 CVE-2024-10610: A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affe
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Th
nvd
CVE-2025-1841P3CRITICALCVSS 9.8v5.6.3.154.2052025-03-03
CVE-2025-1841 [CRITICAL] CWE-74 CVE-2025-1841: A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an
A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an unknown part of the file /CDGServer3/logManagement/ClientSortLog.jsp. The manipulation of the argument startDate/endDate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be us
nvd
CVE-2024-9560P3HIGHCVSS 8.8v5vV52024-10-06
CVE-2024-9560 [HIGH] CWE-89 CVE-2024-9560: A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be u
nvd
CVE-2024-10500P3HIGHCVSS 8.8v52024-10-30
CVE-2024-10500 [HIGH] CWE-89 CVE-2024-10500: A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by thi
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is some unknown functionality of the file /com/esafenet/servlet/policy/HookWhiteListService.java. The manipulation of the argument policyId leads to sql injection. The attack may be launched remotely. The vendor was contacted early about this dis
nvd
CVE-2025-0788P3HIGHCVSS 8.8v5vV52025-01-28
CVE-2025-0788 [HIGH] CWE-74 CVE-2025-0788: A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /content_top.jsp. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about t
nvd