Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netsas enigma network management solution vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-16072
An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an malicious user to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action...
Netsas Enigma Network Management Solution
801
VMScore
CVE-2019-16065
A remote SQL injection web vulnerability exists in the Enigma NMS 65.0.0 and prior web application that allows an malicious user to execute SQL commands to expose and compromise the web server, expose database tables and values, and potentially execute system-based commands as th...
Netsas Enigma Network Management Solution
801
VMScore
CVE-2019-16066
An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. This allows an malicious user to upload malicious files and perform arbitrary code execution on the system.
Netsas Enigma Network Management Solution
605
VMScore
CVE-2019-16068
A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an malicious user to be able to trick a victim into submitting a malicious manage_files.cgi request. This can be triggered via XSS or an IFRAME tag included within the site.
Netsas Enigma Network Management Solution
578
VMScore
CVE-2019-16061
A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data (e.g., .htpasswd) and create/modify/delete content (e.g., under /va...
Netsas Enigma Network Management Solution
490
VMScore
CVE-2019-16064
NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possible for an malicious user to list operating...
Netsas Enigma Network Management Solution
445
VMScore
CVE-2019-16063
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an malicious user to expose unencrypted sensitive data.
Netsas Enigma Network Management Solution
445
VMScore
CVE-2019-16067
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an malicious user to steal username and password combinations by intercept...
Netsas Enigma Network Management Solution
383
VMScore
CVE-2019-16069
A number of stored Cross-site Scripting (XSS) vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol.
Netsas Enigma Network Management Solution
383
VMScore
CVE-2019-16070
A number of stored Cross-site Scripting (XSS) vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through web application form inputs.
Netsas Enigma Network Management Solution
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »