CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6729 – Nokia SR OS: File Access Security Vulnerability
https://notcve.org/view.php?id=CVE-2023-6729
17 Oct 2024 — Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users configured with "access console." Consequently, a low privilege authenticated user with "access console" can read or replace the router configuration file as well as other files stored in the Compact Flash or SD card without using CLI commands. This type of attack can lead to a compromise or denial of service of the router after the system is rebooted. • https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-6729 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6728 – Nokia SR OS: BOF File Encryption Vulnerability
https://notcve.org/view.php?id=CVE-2023-6728
17 Oct 2024 — Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configuration content. • https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-6728 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.3EPSS: 1%CPEs: 1EXPL: 0CVE-2023-38293
https://notcve.org/view.php?id=CVE-2023-38293
22 Apr 2024 — Certain software builds for the Nokia C200 and Nokia C100 Android devices contain a vulnerable, pre-installed app with a package name of com.tracfone.tfstatus (versionCode='31', versionName='12') that allows local third-party apps to execute arbitrary AT commands in its context (radio user) via AT command injection due to inadequate access control and inadequate input filtering. No permissions or special privileges are necessary to exploit the vulnerability in the com.tracfone.tfstatus app. No user interact... • https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41760
https://notcve.org/view.php?id=CVE-2022-41760
25 Dec 2023 — An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files. Se descubrió un problema en NOKIA NFM-T R19.9. El Path Traversal relativo puede ocurrir en /oms1350/data/cpb/log de Network Element Manager a través del parámetro filename, lo que permite a un atacante remoto autenticado leer archivos arbitrarios. • https://www.gruppotim.it/it/footer/red-team.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41761
https://notcve.org/view.php?id=CVE-2022-41761
25 Dec 2023 — An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files. Se descubrió un problema en NOKIA NFM-T R19.9. Existe una vulnerabilidad Absolute Path Traversal en /cgi-bin/R19.9/viewlog.pl de VM Manager WebUI a través del parámetro logfile, lo que permite a un atacante remoto autenticado leer archivos arbitrarios. • https://www.gruppotim.it/it/footer/red-team.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41762
https://notcve.org/view.php?id=CVE-2022-41762
25 Dec 2023 — An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl. Se descubrió un problema en NOKIA NFM-T R19.9. Existen múltiples vulnerabilidades de XSS reflejado en Network Element Manager a través de cualquier parámetro de log.pl, el parámetro bench o pid de top.pl o el parámetro id de easy1350.pl. • https://www.gruppotim.it/it/footer/red-team.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 1CVE-2022-39818
https://notcve.org/view.php?id=CVE-2022-39818
25 Dec 2023 — In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system. En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyección de comandos del sistema operativo en /cgi-bin/R19.9/log.pl de la interfaz web de VM Manager a través del parámetro cmd HTTP GET. Esto permite a los usuarios autenticados ejecutar comandos, con privil... • https://www.gruppotim.it/it/footer/red-team.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-39820
https://notcve.org/view.php?id=CVE-2022-39820
25 Dec 2023 — In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements. En Network Element Manager en NOKIA NFM-T R19.9, se produce una vulnerabilidad de almace... • https://www.gruppotim.it/it/footer/red-team.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-39822
https://notcve.org/view.php?id=CVE-2022-39822
25 Dec 2023 — In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation. En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyección SQL en /cgi-bin/R19.9/easy1350.pl de la interfaz web de VM Manager a través del parámetro GET HTTP id o host. Se requiere un atacante autenticado para la explotación. • https://www.gruppotim.it/it/footer/red-team.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43675
https://notcve.org/view.php?id=CVE-2022-43675
25 Dec 2023 — An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters. Se descubrió un problema en NOKIA NFM-T R19.9. El XSS reflejado en Network Element Manager existe a través de /oms1350/pages/otn/cpbLogDisplay a través del parámetro filename, en /oms1350/pages/otn/connect... • https://www.gruppotim.it/redteam • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •