Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nec vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-20029
An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged acc...
Nec Sv8100 Firmware
Nec Sv9100 Firmware
Nec Sl1100 Firmware
Nec Sl2100 Firmware
4.6
CVSSv2
CVE-2019-20030
An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected.
Nec Um8000 Firmware
6.4
CVSSv2
CVE-2019-20031
NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.
Nec Um8000 Firmware
Nec Um4730 Firmware
7.5
CVSSv2
CVE-2019-20033
On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface.
Nec Sv8100 Firmware
7.5
CVSSv2
CVE-2020-10917
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of prope...
Nec Esmpro Manager 6.42
7.8
CVSSv2
CVE-2020-12695
The Open Connectivity Foundation UPnP specification prior to 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Ui Unifi Controller -
W1.fi Hostapd
Asus Rt-n11 -
Broadcom Adsl -
Canon Selphy Cp1200 -
Cisco Wap150 -
Cisco Wap351 -
Cisco Wap131 -
Dlink Dvg-n5412sp -
Dell B1165nfw -
Epson Ew-m970a3t -
Epson Ep-101 -
Epson Xp-8500 -
Epson Xp-702 -
Epson Xp-340 -
Epson Xp-620 -
Epson Xp-320 -
Epson Xp-960 -
Epson Xp-2101 -
Epson Xp-330 -
Epson Xp-2105 -
Epson Xp-100 -
6 Github repositories
7.7
CVSSv2
CVE-2020-5525
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with ...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
7.7
CVSSv2
CVE-2020-5534
Aterm WG2600HS firmware Ver1.3.2 and previous versions allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
Nec Aterm Wg2600hs Firmware
8.3
CVSSv2
CVE-2020-5524
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an attacker on the same network segment to execute arbitrary OS commands with root privilege...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
4.3
CVSSv2
CVE-2020-5533
Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nec Aterm Wg2600hs Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »