Netmodule Netmodule Router Software — known CVE vulnerabilities
Every CVE whose affected-product data names Netmodule Netmodule Router Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-39290 — CVSS 9.8 (critical): Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with firmware before 4.3.0.113, 4.4.0.111, and…
CVE-2021-39291 — CVSS 8.8 (high): Certain NetModule devices allow credentials via GET parameters to CLI-PHP. These models with firmware before 4.3.0.113, 4.4.0.111, and…
CVE-2023-46306 — CVSS 8.4 (high): The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command…
CVE-2021-39289 — CVSS 7.5 (high): Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption), These models with firmware before…
CVE-2023-0861 — CVSS 7.2 (high): NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could…
CVE-2023-0862 — CVSS 7.2 (high): The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion…