Shodan
Vulnerabilities
Vulnerable Software
Nokia:  Security Vulnerabilities
CVE-2021-26597
An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value.
CVSS Score
6.5
EPSS Score
0.005
Published
2021-03-25
CVE-2014-3809
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-01-31
CVE-2019-17406
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743
CVSS Score
5.3
EPSS Score
0.004
Published
2019-11-25
CVE-2019-17403
Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution.
CVSS Score
8.8
EPSS Score
0.046
Published
2019-11-25
CVE-2019-17404
Nokia IMPACT < 18A: allows full path disclosure
CVSS Score
4.3
EPSS Score
0.003
Published
2019-11-25
CVE-2019-17405
Nokia IMPACT < 18A: has Reflected self XSS
CVSS Score
6.1
EPSS Score
0.004
Published
2019-11-25
CVE-2019-7386
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.
CVSS Score
6.5
EPSS Score
0.026
Published
2019-03-21
CVE-2019-3917
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-03-05
CVE-2019-3918
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-03-05
CVE-2019-3919
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/.
CVSS Score
8.8
EPSS Score
0.102
Published
2019-03-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved