This page lists publicly disclosed CVE vulnerabilities affecting infoblox nios (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-61880 | In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. | [email protected] | 8.8 | 0.39% | 2026-02-12 | 2026-02-19 |
| CVE-2025-61879 | In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism. | [email protected] | 7.7 | 0.03% | 2026-02-12 | 2026-02-19 |
| CVE-2024-37567 | Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. | [email protected] | 9.1 | 0.24% | 2025-02-27 | 2025-04-10 |
| CVE-2024-37566 | Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. | [email protected] | 9.8 | 0.27% | 2025-02-27 | 2025-04-10 |
| CVE-2024-36047 | Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation. | [email protected] | 9.8 | 0.24% | 2025-02-27 | 2025-04-10 |
| CVE-2024-36046 | Infoblox NIOS through 8.6.4 executes with more privileges than required. | [email protected] | 9.8 | 0.26% | 2025-02-27 | 2025-04-10 |
| CVE-2022-28975 | A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field. | [email protected] | 5.4 | 0.18% | 2024-01-09 | 2026-01-27 |
| CVE-2023-37249 | Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access. | [email protected] | 8.8 | 0.10% | 2023-08-25 | 2024-11-21 |
| CVE-2020-15303 | Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564. | [email protected] | 6.5 | 0.39% | 2021-06-28 | 2024-11-21 |
| CVE-2018-10239 | A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation algorithm. A locally authenticated administrative user may be able to exploit this vulnerability if the "support access" feature is enabled, they know | [email protected] | 6.7 | 0.04% | 2019-06-17 | 2024-11-21 |