Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nedi nedi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40895
In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote malicious user to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a differe...
Nedi Nedi
Nedi Nedi 1.0.7
356
VMScore
CVE-2021-26751
NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an malicious user to access all the data in the database and obtain access to the NeDi applicat...
Nedi Nedi 1.9c
578
VMScore
CVE-2021-26753
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to all application data.
Nedi Nedi 1.9c
578
VMScore
CVE-2021-26752
NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an malicious user to obtain access to the operating system where NeDi is installed and to ...
Nedi Nedi 1.9c
312
VMScore
CVE-2020-23868
NeDi 1.9C allows inc/rt-popup.php d XSS.
Nedi Nedi 1.9c
312
VMScore
CVE-2020-23989
NeDi 1.9C allows pwsec.php oid XSS.
Nedi Nedi 1.9c
312
VMScore
CVE-2020-15029
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.
Nedi Nedi 1.9c
312
VMScore
CVE-2020-15030
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter.
Nedi Nedi 1.9c
312
VMScore
CVE-2020-15031
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
Nedi Nedi 1.9c
312
VMScore
CVE-2020-15032
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an malicious user to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.
Nedi Nedi 1.9c
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »