Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-30003
An issue exists on Nokia G-120W-F 3FE46606AGAB91 devices. There is Stored XSS in the administrative interface via urlfilter.cgi?add url_address.
Nokia G-120w-f Firmware 3fe46606agab91
4.3
CVSSv3
CVE-2022-38788
An issue exists in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an malicious user to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).
Nokia Fastmile 5g Receiver Firmware 1.2104.00.0281
1 Github repository
4.3
CVSSv3
CVE-2019-17404
Nokia IMPACT < 18A: allows full path disclosure
Nokia Impact
3.3
CVSSv3
CVE-2023-41354
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.
Nokia G-040w-q Firmware G040wqr201207
2.8
CVSSv3
CVE-2023-25186
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. If/when CSP (as a BTS administrator) removes security hardenings from a Nokia Single RAN BTS baseband unit, a directory path traversal in the Nokia BTS baseband unit diagnostic tool AaShell (which is by defa...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
NA
CVE-2023-38293
Certain software builds for the Nokia C200 and Nokia C100 Android devices contain a vulnerable, pre-installed app with a package name of com.tracfone.tfstatus (versionCode='31', versionName='12') that allows local third-party apps to execute arbitrary AT comma...
NA
CVE-2023-38299
Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from di...
NA
CVE-2022-45899
Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.
NA
CVE-2021-319322021
The TRS web console allows an authenticated user to remotely manage the BTS and its configuration. Analysis discovered an authentication bypass vulnerability in the web management console. BTS TRS web console version FTM_W20_FP2_2019.08.16_0010 is affected.
NA
CVE-2015-6929
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote malicious users to inject arbitrary web script or HTML via the (1) idFilter or (2) nameFilter parameter to cftr...
Nokia \\@vantage Commander
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »