Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-2484
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an malicious user to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.
Nokia Asik Airscale 474021a.101 Firmware -
6.5
CVSSv3
CVE-2023-26057
An XXE issue exists in Nokia NetAct prior to 22 FP2211 via an XML document to the Configuration Dashboard page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created pa...
Nokia Netact 20.1
5.4
CVSSv3
CVE-2023-26059
An issue exists in Nokia NetAct prior to 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demili...
Nokia Netact 20.1
8.8
CVSSv3
CVE-2022-30759
In Nokia One-NDS (aka Network Directory Server) up to and including 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.
Nokia One-nds
5.4
CVSSv3
CVE-2022-28865
An issue exists in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for deliverin...
Nokia Netact 22.0.0.62
6.5
CVSSv3
CVE-2022-36221
Nokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows malicious users to read any named pipe file on the system.
Nokia Fastmile Firmware 3tg00118abad52
8.4
CVSSv3
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.
Nokia Fastmile Firmware 3tg00118abad52
8.8
CVSSv3
CVE-2022-28863
An issue exists in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value.
Nokia Netact 22.0.0.62
9.8
CVSSv3
CVE-2021-41487
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.
Nokia Vitalsuite 2020
4.3
CVSSv3
CVE-2022-38788
An issue exists in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an malicious user to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).
Nokia Fastmile 5g Receiver Firmware 1.2104.00.0281
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »