Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nec vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-20030
An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected.
Nec Um8000 Firmware
4
CVSSv2
CVE-2019-20032
An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem.
Nec Sv8100 Firmware
Nec Sv9100 Firmware
Nec Sl1100 Firmware
Nec Sl2100 Firmware
10
CVSSv2
CVE-2019-20025
Certain builds of NEC SV9100 software could allow an unauthenticated, remote malicious user to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account wit...
Nec Sv9100 Firmware
7.5
CVSSv2
CVE-2019-20027
Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.
Nec Sv8100 Firmware
Nec Sv9100 Firmware
Nec Sl1100 Firmware
Nec Sl2100 Firmware
7.5
CVSSv2
CVE-2020-10917
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of prope...
Nec Esmpro Manager 6.42
7.8
CVSSv2
CVE-2020-12695
The Open Connectivity Foundation UPnP specification prior to 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Ui Unifi Controller -
W1.fi Hostapd
Asus Rt-n11 -
Broadcom Adsl -
Canon Selphy Cp1200 -
Cisco Wap150 -
Cisco Wap351 -
Cisco Wap131 -
Dlink Dvg-n5412sp -
Dell B1165nfw -
Epson Ew-m970a3t -
Epson Ep-101 -
Epson Xp-8500 -
Epson Xp-702 -
Epson Xp-340 -
Epson Xp-620 -
Epson Xp-320 -
Epson Xp-960 -
Epson Xp-2101 -
Epson Xp-330 -
Epson Xp-2105 -
Epson Xp-100 -
6 Github repositories
8.3
CVSSv2
CVE-2020-5524
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an attacker on the same network segment to execute arbitrary OS commands with root privilege...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
7.7
CVSSv2
CVE-2020-5525
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with ...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
4.3
CVSSv2
CVE-2020-5533
Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nec Aterm Wg2600hs Firmware
7.7
CVSSv2
CVE-2020-5534
Aterm WG2600HS firmware Ver1.3.2 and previous versions allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
Nec Aterm Wg2600hs Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »