Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/08/2021 Updated: 02/11/2023

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Certain NetModule devices allow credentials via GET parameters to CLI-PHP. These models with firmware prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB3800.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netmodule netmodule_router_software

NetModule Router Software versions prior to 430113, 440111, and 450105 suffer from insecure password handling and session fixation vulnerabilities ...

CWE-532 https://seclists.org/fulldisclosure/2021/Aug/22 https://www.netmodule.com https://nvd.nist.gov https://packetstormsecurity.com/files/163892/NetModule-Router-Software-Password-Handling-Session-Fixation.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-39291

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect