Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14943 | 1 Harmonicinc | 2 Nsg 9000, Nsg 9000 Firmware | 2018-10-17 | 10.0 HIGH | 9.8 CRITICAL |
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default password of nsgguest for the guest account, and a default password of nsgconfig for the config account. | |||||
CVE-2018-14941 | 1 Harmonicinc | 1 Nsg 9000 | 2018-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI. | |||||
CVE-2018-14942 | 1 Harmonicinc | 2 Nsg 9000, Nsg 9000 Firmware | 2018-10-05 | 4.0 MEDIUM | 8.8 HIGH |
Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data. |