Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-39817
In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized (and unexpected) operati...
Nokia 1350 Optical Management System 14.2
8.8
CVSSv3
CVE-2021-45896
Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via is_ctc_admin=1 to login_web_app.cgi and use of Import Config File.
Nokia Fastmile Firmware 3tg00118abad52
8.8
CVSSv3
CVE-2019-17403
Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.
Nokia Impact
8.8
CVSSv3
CVE-2019-3921
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated malicious user to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potential...
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
8.8
CVSSv3
CVE-2019-3919
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated malicious user to /GponForm/usb_restore_Form?script/.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
8.8
CVSSv3
CVE-2019-3920
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated malicious user to /GponForm/device_Form?script/.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
8.4
CVSSv3
CVE-2022-36222
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin account of admin:Nq+L5st7o This account can be used locally to access the web admin interface.
Nokia Fastmile Firmware 3tg00118abad52
7.8
CVSSv3
CVE-2023-22618
If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for example) WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite M...
Nokia Wavelite Metro 200 And Fan Firmware
Nokia Wavelite Metro 200 Ops And Fans Firmware
Nokia Wavelite Metro 200 And F2b Fans Firmware
Nokia Wavelite Metro 200 Ops And F2b Fans Firmware
Nokia Wavelite Metro 200 Ne And F2b Fans Firmware
Nokia Wavelite Metro 200 Ne Ops And F2b Fans Firmware
7.8
CVSSv3
CVE-2023-25185
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded ope...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
7.8
CVSSv3
CVE-2023-25188
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. If/when CSP (as a BTS administrator) removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell (which is by default disabled) allows unauthenticat...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »