Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nec vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-20025
Certain builds of NEC SV9100 software could allow an unauthenticated, remote malicious user to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account wit...
Nec Sv9100 Firmware
7.5
CVSSv2
CVE-2019-20027
Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.
Nec Sv8100 Firmware
Nec Sv9100 Firmware
Nec Sl1100 Firmware
Nec Sl2100 Firmware
5
CVSSv2
CVE-2019-20028
Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system's WebPro administration interface.
Nec Sv8100 Firmware
Nec Sv9100 Firmware
Nec Sl1100 Firmware
Nec Sl2100 Firmware
7.5
CVSSv2
CVE-2019-20033
On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface.
Nec Sv8100 Firmware
7.5
CVSSv2
CVE-2020-10917
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of prope...
Nec Esmpro Manager 6.42
7.8
CVSSv2
CVE-2020-12695
The Open Connectivity Foundation UPnP specification prior to 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Ui Unifi Controller -
W1.fi Hostapd
Asus Rt-n11 -
Broadcom Adsl -
Canon Selphy Cp1200 -
Cisco Wap150 -
Cisco Wap351 -
Cisco Wap131 -
Dlink Dvg-n5412sp -
Dell B1165nfw -
Epson Ew-m970a3t -
Epson Ep-101 -
Epson Xp-8500 -
Epson Xp-702 -
Epson Xp-340 -
Epson Xp-620 -
Epson Xp-320 -
Epson Xp-960 -
Epson Xp-2101 -
Epson Xp-330 -
Epson Xp-2105 -
Epson Xp-100 -
6 Github repositories
8.3
CVSSv2
CVE-2020-5524
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an attacker on the same network segment to execute arbitrary OS commands with root privilege...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
7.7
CVSSv2
CVE-2020-5525
Aterm series (Aterm WF1200C firmware Ver1.2.1 and previous versions, Aterm WG1200CR firmware Ver1.2.1 and previous versions, Aterm WG2600HS firmware Ver1.3.2 and previous versions) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with ...
Nec Aterm Wg2600hs Firmware
Nec Aterm Wf1200c Firmware
Nec Aterm Wg1200cr Firmware
7.7
CVSSv2
CVE-2020-5534
Aterm WG2600HS firmware Ver1.3.2 and previous versions allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
Nec Aterm Wg2600hs Firmware
4.3
CVSSv2
CVE-2020-5533
Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nec Aterm Wg2600hs Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »