Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds orion network performance monitor vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-8917
SolarWinds Orion NPM prior to 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeAct...
Solarwinds Orion Network Performance Monitor
9
CVSSv2
CVE-2021-35212
An SQL injection Privilege Escalation Vulnerability exists in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
Solarwinds Orion Platform 2019.2
Solarwinds Orion Platform 2019.4
Solarwinds Orion Platform 2020.2.1
Solarwinds Orion Platform 2020.2.4
Solarwinds Orion Platform 2020.2.5
9
CVSSv2
CVE-2020-14005
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote malicious users to execute arbitrary code via a defined event.
Solarwinds Orion Network Performance Monitor 2019.4
Solarwinds Orion Web Performance Monitor 2019.4.1
7.5
CVSSv2
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) prior to 11.5, NetFlow Traffic Analyzer (NTA) prior to 4.1, Network Configuration Manager...
Solarwinds Orion Voip \\& Network Quality Manager
Solarwinds Orion Server And Application Manager
Solarwinds Orion Network Configuration Manager
Solarwinds Orion User Device Tracker
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Web Performance Monitor
Solarwinds Orion Netflow Traffic Analyzer
Solarwinds Orion Ip Address Manager
1 EDB exploit
6.8
CVSSv2
CVE-2012-2602
Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) prior to 10.3.1 allow remote malicious users to hijack the authentication of administrators for requests that (1) create user accounts via CreateUserStepContainer acti...
Solarwinds Orion Network Performance Monitor 10.1.13.0
Solarwinds Orion Network Performance Monitor
1 EDB exploit
6.5
CVSSv2
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
5.5
CVSSv2
CVE-2021-35225
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cros...
Solarwinds Network Performance Monitor
Solarwinds Network Performance Monitor 2020.2.6
4.3
CVSSv2
CVE-2012-4939
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface prior to 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote malicious users to inject arbitrary web script or HTML via the "Search for an IP address" f...
Solarwinds Orion Network Performance Monitor 10.2.1
Solarwinds Orion Network Performance Monitor 10.2.2
Solarwinds Orion Network Performance Monitor 10.3
Solarwinds Orion Network Performance Monitor 10.3.1
Solarwinds Orion Network Performance Monitor 10.0
Solarwinds Orion Network Performance Monitor 10.1.13.0
Solarwinds Ip Address Manager Web Interface
Solarwinds Orion Network Performance Monitor 10.1
Solarwinds Orion Network Performance Monitor 10.2
Solarwinds Orion Network Performance Monitor -
1 EDB exploit
4.3
CVSSv2
CVE-2012-2577
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) prior to 10.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName field of an snmpd.conf file.
Solarwinds Orion Network Performance Monitor 7.8.5
Solarwinds Orion Network Performance Monitor 8.5
Solarwinds Orion Network Performance Monitor 8.5.1
Solarwinds Orion Network Performance Monitor 9.1
Solarwinds Orion Network Performance Monitor 10.1
Solarwinds Orion Network Performance Monitor 10.0
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Network Performance Monitor 9.0
Solarwinds Orion Network Performance Monitor 9.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2010-4828
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) Inte...
Solarwinds Orion Network Performance Monitor 10.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »