Every CVE whose affected-product data names Untangle Ng Firewall, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-18646 — CVSS 7.2 (high): The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when…
CVE-2019-18647 — CVSS 7.2 (high): The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user.
CVE-2019-18648 — CVSS 4.8 (medium): When logged in as an admin user, the Untangle NG firewall 14.2.0 is vulnerable to reflected XSS at multiple places and specific user input…
CVE-2019-18649 — CVSS 4.8 (medium): When logged in as an admin user, the Title input field (under Reports) within Untangle NG firewall 14.2.0 is vulnerable to stored XSS.