Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-17405
Nokia IMPACT < 18A: has Reflected self XSS
Nokia Impact
5.5
CVSSv3
CVE-2021-32289
An issue exists in heif through through v3.6.2. A NULL pointer dereference exists in the function convertByteStreamToRBSP() located in nalutil.cpp. It allows an malicious user to cause Denial of Service.
Nokia Heif
5.4
CVSSv3
CVE-2022-28865
An issue exists in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for deliverin...
Nokia Netact 22.0.0.62
5.4
CVSSv3
CVE-2022-28867
An issue exists in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechan...
Nokia Netact 22.0.0.62
5.4
CVSSv3
CVE-2023-26059
An issue exists in Nokia NetAct prior to 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demili...
Nokia Netact 20.1
5.4
CVSSv3
CVE-2023-26061
An issue exists in Nokia NetAct prior to 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exp...
Nokia Netact
5.4
CVSSv3
CVE-2021-26596
An issue exists in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter...
Nokia Netact 18a
5.3
CVSSv3
CVE-2019-17406
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
Nokia Impact
4.8
CVSSv3
CVE-2022-30903
Nokia "G-2425G-A" Bharti Airtel Routers Hardware version "3FE48299DEAA" Software Version "3FE49362IJHK42" is vulnerable to Cross-Site Scripting (XSS) via the admin->Maintenance>Device Management.
Nokia G-2425g-a Firmware 3fe49362ijhk42
4.8
CVSSv3
CVE-2021-30003
An issue exists on Nokia G-120W-F 3FE46606AGAB91 devices. There is Stored XSS in the administrative interface via urlfilter.cgi?add url_address.
Nokia G-120w-f Firmware 3fe46606agab91
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »