Netis-systems Dl4343 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netis-systems Dl4343 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2019-20074 — CVSS 8.8 (high): On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the…
CVE-2019-20070 — CVSS 6.1 (medium): On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration).
CVE-2019-20076 — CVSS 6.1 (medium): On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration).
CVE-2019-20073 — CVSS 6.1 (medium): On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration).
CVE-2019-20072 — CVSS 6.1 (medium): On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration).