Riello-ups Netman 204 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Riello-ups Netman 204 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-47893 — CVSS 10.0 (critical): There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file…
CVE-2024-8878 — CVSS 9.8 (critical): The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take…
CVE-2017-6900 — CVSS 9.8 (critical): An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for…
CVE-2024-8877 — CVSS 9.8 (critical): Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite…
CVE-2022-3372 — CVSS 8.8 (high): There is a CSRF vulnerability on Netman-204 version 02.05. An attacker could manage to change administrator passwords through a Cross Site…
CVE-2022-47891 — CVSS 8.1 (high): All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the…
CVE-2022-47892 — CVSS 5.3 (medium): All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information…