cbcvebase.

Infoblox Nios vulnerabilities

10 known vulnerabilities affecting infoblox/nios.

Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH3MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-37566P2CRITICALCVSS 9.8≥ 8.6.0, ≤ 8.6.42025-02-27
CVE-2024-37566 [CRITICAL] CWE-284 CVE-2024-37566: Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.
nvd
CVE-2025-61880P2HIGHCVSS 8.8≥ 8.6.0, ≤ 8.6.5v8.5.2+7 more2026-02-12
CVE-2025-61880 [HIGH] CWE-502 CVE-2025-61880: In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.
nvd
CVE-2024-36046P3CRITICALCVSS 9.8≥ 8.6.0, ≤ 8.6.42025-02-27
CVE-2024-36046 [CRITICAL] CWE-269 CVE-2024-36046: Infoblox NIOS through 8.6.4 executes with more privileges than required. Infoblox NIOS through 8.6.4 executes with more privileges than required.
nvd
CVE-2024-36047P3CRITICALCVSS 9.8≥ 8.6.0, < 8.6.42025-02-27
CVE-2024-36047 [CRITICAL] CWE-20 CVE-2024-36047: Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation. Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
nvd
CVE-2024-37567P3CRITICALCVSS 9.1≥ 8.6.0, ≤ 8.6.42025-02-27
CVE-2024-37567 [CRITICAL] CWE-284 CVE-2024-37567: Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.
nvd
CVE-2023-37249P3HIGHCVSS 8.8≤ 8.5.22023-08-25
CVE-2023-37249 [HIGH] CWE-78 CVE-2023-37249: Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.
nvd
CVE-2025-61879P3HIGHCVSS 7.7≥ 8.6.0, ≤ 8.6.5v8.5.2+7 more2026-02-12
CVE-2025-61879 [HIGH] CWE-73 CVE-2025-61879: In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the A In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.
nvd
CVE-2018-10239P4MEDIUMCVSS 6.7≥ 6.8, ≤ 8.4.12019-06-17
CVE-2018-10239 [MEDIUM] CWE-264 CVE-2018-10239: A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8. A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation a
nvd
CVE-2020-15303P4MEDIUMCVSS 6.5≥ 8.4.0, ≤ 8.4.8v8.5.0+1 more2021-06-28
CVE-2020-15303 [MEDIUM] CVE-2020-15303: Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue t Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.
nvd
CVE-2022-28975P4MEDIUMCVSS 5.4v8.5.22024-01-09
CVE-2022-28975 [MEDIUM] CWE-79 CVE-2022-28975: A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.
nvd
Infoblox Nios vulnerabilities | cvebase