cbcvebase.

Netvision Information Airpass vulnerabilities

4 known vulnerabilities affecting netvision_information/airpass.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2

Vulnerabilities

Page 1 of 1
CVE-2025-0456P2CRITICALCVSS 9.8≥ 2.9.0, < 2.9.0.241231≥ 3.0.0, < 3.0.0.2412312025-01-16
CVE-2025-0456 [CRITICAL] CWE-306 CVE-2025-0456: The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthen The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords.
nvd
CVE-2025-0455P2CRITICALCVSS 9.8≥ 2.9.0, < 2.9.0.241231≥ 3.0.0, < 3.0.0.2412312025-01-16
CVE-2025-0455 [CRITICAL] CWE-89 CVE-2025-0455: The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated r The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
nvd
CVE-2025-0457P2HIGHCVSS 8.8≥ 2.9.0, < 2.9.0.241231≥ 3.0.0, < 3.0.0.2412312025-01-16
CVE-2025-0457 [HIGH] CWE-78 CVE-2025-0457: The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote at The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
nvd
CVE-2023-48383P3HIGHCVSS 7.5vv2.9.0.2007032024-01-15
CVE-2023-48383 [HIGH] CWE-22 CVE-2023-48383: NetVision Information airPASS has a path traversal vulnerability within its parameter in a speci NetVision Information airPASS has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
nvd
Netvision Information Airpass vulnerabilities | cvebase