netis-systems 漏洞與 CVE 列表(53)

產品(CPE): — CVE 數: 53

netis-systems 漏洞概覽

彙總 netis-systems 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

常見弱點模式包括 記憶體損壞、CSRF、路徑處理缺陷與輸入驗證問題,在 生產負載與軟體部署 使用場景中可能帶來 工作階段劫持、異常行為與檔案覆寫 等風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 12053 CVE 數
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2018-25125 Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users. [email protected] 8.7 0.47% 2025-11-14 2026-06-16
CVE-2025-50617 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50616 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50615 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50614 A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50613 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50612 A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50611 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50610 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50609 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50608 A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-50635 A null pointer dereference vulnerability was discovered in Netis WF2780 v2.2.35445. The vulnerability exists in the FUN_0048a728 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the CONTENT_LENGTH variable, causing the program to crash and potentially leading to a denial-of-service (DoS) attack. [email protected] 7.5 0.40% 2025-08-13 2026-06-17
CVE-2025-34117 A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device [email protected] 9.3 22.92% 2025-07-16 2026-06-17
CVE-2025-45835 A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENT_LENGTH, causing the program to crash and potentially leading to a denial-of-service (DoS) attack. [email protected] 7.5 0.40% 2025-05-12 2026-06-17
CVE-2025-2921 A vulnerability classified as critical has been found in Netis WF-2404 1.1.124EN. Affected is an unknown function of the file /etc/passwd. The manipulation with the input Realtek leads to use of default password. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in a [email protected] 5.4 0.27% 2025-03-28 2026-06-17
CVE-2025-2919 A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. [email protected] 7.0 0.29% 2025-03-28 2026-06-17
CVE-2024-33793 netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page. [email protected] 5.3 0.31% 2024-05-03 2026-06-17
CVE-2024-33792 netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page. [email protected] 9.8 0.97% 2024-05-03 2026-06-17
CVE-2024-33791 A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function. [email protected] 4.6 0.39% 2024-05-03 2026-06-17
CVE-2024-25851 Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the config_sequence parameter in other_para of cgitest.cgi. [email protected] 8.0 1.94% 2024-02-22 2026-06-17
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
cvelogic Threat Intelligence