Ntop Ntopng
8 CVEs affecting Ntop Ntopng. Latest disclosed: 2026-05-14. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-5473 | High | 8.8 | 2017-01-14 | Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated… |
CVE-2017-7458 | High | 7.5 | 2017-06-26 | The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer derefere… |
CVE-2017-7459 | High | 7.5 | 2017-06-26 | ntopng before 3.0 allows HTTP Response Splitting. |
CVE-2017-7416 | Medium | 6.1 | 2017-06-26 | ntopng before 3.0 allows XSS because GET and POST parameters are improperly validated. |
CVE-2026-45448 | Medium | 4.3 | 2026-05-14 | CWE-601 URL redirection to untrusted site ('open redirect') |
CVE-2015-8368 | | 2015-12-17 | ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to ad… | |
CVE-2014-5464 | | 2014-09-08 | Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitra… | |
CVE-2014-4329 | | 2014-06-19 | Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or HTML via the host para… |