RSS   Vulnerabilities for 'Esmpro manager'   RSS

2021-01-20
 
CVE-2020-27859

CWE-22
 

 
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-9607.

 
2020-07-22
 
CVE-2020-10917

CWE-502
 

 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10007.

 

 >>> Vendor: NEC 71 Products
Asl ux 4800
Ews-ux v
Up-ux v
Goah intrasv
Goah networksv
Socks 5
Bluefire ix1035 router
Ix1010
Ix1011
Ix1020
Ix1050
Ix2010
Univerge
Multiwriter 1700c
Sockscap
Bladesystemcenter
Expresssystemcenter
Sigmasystemcenter
Virtualpccenter
Websam deploymentmanager
Capsuite patchmeister
Ip38x/1000
Ip38x/103
Ip38x/105
Ip38x/107e
Ip38x/1100
Ip38x/1200
Ip38x/140
Ip38x/1500
Ip38x/200
Ip38x/2000
Ip38x/250i
Ip38x/300
Ip38x/3000
Ip38x/52
Ip38x/55i
Ip38x/57i
Ip38x/58i
Ip38x/sr100
Ip38x/v700
Mobile handset
Universal raid utility
Atermwm3450rn
Atermwm3600r
Atermwr8160n
Atermwr8370n
Atermwr8600n
Atermwr9500n
Ip38x 3000
Ip38x 1200
Ip38x 810
Ip38x 250i
Ip38x 1100
Ip38x 1500
Ip38x 107e
Ip38x 1000
Ip38x 2000
Ip38x 105
Ip38x 140
Ip38x 300
Expresscluster x
Aterm wg1200hp firmware
Aterm hc100rc firmware
Aterm w300p firmware
Aterm wf1200cr firmware
Aterm wg1200cr firmware
Esmpro manager
Clusterpro x
Univerge dt900 data maintenance tool
Univerge dt800 data maintenance tool
Univerge ip phone manager


Copyright 2024, cxsecurity.com

 

Back to Top