Riello Ups Netman-204 vulnerabilities
4 known vulnerabilities affecting riello_ups/netman-204.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2022-47893P2CRITICALCVSS 9.8≤ all versions2023-10-03
CVE-2022-47893 [CRITICAL] CWE-434 CVE-2022-47893: There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote att
There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root.
nvd
CVE-2022-47891P3HIGHCVSS 8.8≤ all versions2023-10-03
CVE-2022-47891 [HIGH] CWE-798 CVE-2022-47891: All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to r
All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.
nvd
CVE-2022-47892P3HIGHCVSS 7.5≤ all versions2023-10-03
CVE-2022-47892 [HIGH] CWE-200 CVE-2022-47892: All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials.
nvd
CVE-2022-3372P3HIGHCVSS 8.8v02.052023-06-21
CVE-2022-3372 [HIGH] CWE-352 CVE-2022-3372: There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change admini
There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due to the lack of proper validation on the CRSF token. This vulnerability could allow a remote attacker to access the administrator panel, being able to modify different parameters that are critical
nvd