Netis-Systems N3M Firmware vulnerabilities
10 known vulnerabilities affecting netis-systems/n3m_firmware.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH5
Vulnerabilities
Page 1 of 1
CVE-2023-43891P2CRITICALCVSS 9.8v1.0.1.8652023-10-02
CVE-2023-43891 [CRITICAL] CWE-77 CVE-2023-43891: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing U
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload.
nvd
CVE-2023-45467P2CRITICALCVSS 9.8v1.0.1.8652023-10-13
CVE-2023-45467 [CRITICAL] CWE-78 CVE-2023-45467: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
nvd
CVE-2023-43893P2CRITICALCVSS 9.8v1.0.1.8652023-10-02
CVE-2023-43893 [CRITICAL] CWE-78 CVE-2023-43893: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_ma
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload.
nvd
CVE-2023-43892P2CRITICALCVSS 9.8v1.0.1.8652023-10-02
CVE-2023-43892 [CRITICAL] CWE-78 CVE-2023-43892: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload.
nvd
CVE-2023-45465P2CRITICALCVSS 9.8v1.0.1.8652023-10-13
CVE-2023-45465 [CRITICAL] CWE-77 CVE-2023-45465: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomai
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.
nvd
CVE-2023-43890P3HIGHCVSS 8.8v1.0.1.8652023-10-02
CVE-2023-43890 [HIGH] CWE-78 CVE-2023-43890: Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request.
nvd
CVE-2023-44860P3HIGHCVSS 7.5v1.0.1.8652023-10-06
CVE-2023-44860 [HIGH] CWE-863 CVE-2023-44860: An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service vi
An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request.
nvd
CVE-2023-45468P3HIGHCVSS 7.5v1.0.1.8652023-10-13
CVE-2023-45468 [HIGH] CWE-120 CVE-2023-45468: Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerab
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
nvd
CVE-2023-45463P3HIGHCVSS 7.5v1.0.1.8652023-10-13
CVE-2023-45463 [HIGH] CWE-120 CVE-2023-45463: Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
nvd
CVE-2023-45464P3HIGHCVSS 7.5v1.0.1.8652023-10-13
CVE-2023-45464 [HIGH] CWE-120 CVE-2023-45464: Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. Thi
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
nvd