Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nedi nedi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40895
In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote malicious user to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a differe...
Nedi Nedi
Nedi Nedi 1.0.7
6.5
CVSSv2
CVE-2021-26752
NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to ...
Nedi Nedi 1.9c
6.5
CVSSv2
CVE-2021-26753
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to all application data.
Nedi Nedi 1.9c
4
CVSSv2
CVE-2021-26751
NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an malicious user to access all the data in the database and obtain access to the NeDi applicat...
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-23989
NeDi 1.9C allows pwsec.php oid XSS.
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-23868
NeDi 1.9C allows inc/rt-popup.php d XSS.
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-15028
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Topology-Map.php xo parameter.
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-15031
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-15034
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter.
Nedi Nedi 1.9c
3.5
CVSSv2
CVE-2020-15029
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.
Nedi Nedi 1.9c
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »