Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31244
Nokia OneNDS 17r2 has Insecure Permissions vulnerability that allows for privilege escalation.
Nokia One-network Directory Server 17r2
NA
CVE-2023-26057
An XXE issue exists in Nokia NetAct prior to 22 FP2211 via an XML document to the Configuration Dashboard page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created pa...
Nokia Netact 20.1
NA
CVE-2023-26058
An XXE issue exists in Nokia NetAct prior to 22 FP2211 via an XML document to a Performance Manager page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created paramete...
Nokia Netact 20.1
NA
CVE-2023-26059
An issue exists in Nokia NetAct prior to 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demili...
Nokia Netact 20.1
NA
CVE-2023-26061
An issue exists in Nokia NetAct prior to 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exp...
Nokia Netact
NA
CVE-2023-26060
An issue exists in Nokia NetAct prior to 22 FP2211. On the Working Set Manager page, users can create a Working Set with a name that has a client-side template injection payload. Input validation is missing during creation of the working set. For an external attacker, it is very ...
Nokia Netact
NA
CVE-2022-2482
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an malicious user to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execu...
Nokia Asik Airscale 474021a.102 Firmware -
Nokia Asik Airscale 474021a.101 Firmware -
NA
CVE-2022-2483
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
Nokia Asik Airscale 474021a.102 Firmware -
Nokia Asik Airscale 474021a.101 Firmware -
NA
CVE-2022-2484
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an malicious user to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.
Nokia Asik Airscale 474021a.101 Firmware -
NA
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.
Nokia Fastmile Firmware 3tg00118abad52
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »