Shodan
Vulnerabilities
Vulnerable Software
Nokia:  Security Vulnerabilities
CVE-2021-32288
An issue was discovered in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicHeight() located in hevcdecoderconfigrecord.cpp. It allows an attacker to cause code Execution.
CVSS Score
7.8
EPSS Score
0.01
Published
2021-09-20
CVE-2021-32289
An issue was discovered in heif through through v3.6.2. A NULL pointer dereference exists in the function convertByteStreamToRBSP() located in nalutil.cpp. It allows an attacker to cause Denial of Service.
CVSS Score
5.5
EPSS Score
0.006
Published
2021-09-20
CVE-2021-30003
An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices. There is Stored XSS in the administrative interface via urlfilter.cgi?add url_address.
CVSS Score
4.8
EPSS Score
0.006
Published
2021-04-02
CVE-2021-26596
An issue was discovered in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used.
CVSS Score
5.4
EPSS Score
0.007
Published
2021-03-25
CVE-2021-26597
An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value.
CVSS Score
6.5
EPSS Score
0.014
Published
2021-03-25
CVE-2014-3809
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.
CVSS Score
6.1
EPSS Score
0.009
Published
2020-01-31
CVE-2019-17406
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
CVSS Score
5.3
EPSS Score
0.011
Published
2019-11-25
CVE-2019-17403
Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.
CVSS Score
8.8
EPSS Score
0.025
Published
2019-11-25
CVE-2019-17404
Nokia IMPACT < 18A: allows full path disclosure
CVSS Score
4.3
EPSS Score
0.01
Published
2019-11-25
CVE-2019-17405
Nokia IMPACT < 18A: has Reflected self XSS
CVSS Score
6.1
EPSS Score
0.007
Published
2019-11-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved