Nec Corporation Univerge Ix vulnerabilities
3 known vulnerabilities affecting nec_corporation/univerge_ix.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-8153MEDIUMCVSS 5.1vfrom Ver.9.5 to Ver.10.7vfrom Ver.10.8.21 to Ver.10.8.36+2 more2025-09-17
CVE-2025-8153 [MEDIUM] CWE-79 CVE-2025-8153: Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver
Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.
cvelistv5nvd
CVE-2024-11013HIGHCVSS 7.2vfrom Ver9.2 to Ver10.10.21vfor Ver10.8 up to Ver10.8.27+1 more2024-11-29
CVE-2024-11013 [HIGH] CWE-77 CVE-2024-11013: Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device via the management interface.
cvelistv5nvd
CVE-2024-11014MEDIUMCVSS 4.3vfrom Ver9.2 to Ver10.10.21vfor Ver10.8 up to Ver10.8.27+1 more2024-11-29
CVE-2024-11014 [MEDIUM] CWE-352 CVE-2024-11014: Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.
Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and for Ver10.9 up to Ver10.9.14 allows a attacker to hijack the authentication of screens on the device via the management interface.
cvelistv5nvd