Riello-ups Netman_204

7 CVEs affecting Riello-ups Netman_204. Latest disclosed: 2024-09-25. Critical: 4, High: 2.

Top CVEs affecting Riello-ups Netman_204
CVESeverityScorePublishedSummary
CVE-2022-47893Critical10.02023-10-03There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, t…
CVE-2024-8878Critical9.82024-09-25The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the dev…
CVE-2024-8877Critical9.82024-09-25Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measure…
CVE-2017-6900Critical9.82019-07-03An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When callin…
CVE-2022-3372High8.82023-06-21There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site Request Forgery due…
CVE-2022-47891High8.12023-10-03All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery…
CVE-2022-47892Medium5.32023-10-03All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials.