Ip3 Networks: Security Vulnerabilities
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "`" (backtick) characters in the appliance's command line interface (CLI).
CVSS Score
4.6
EPSS Score
0.002
Published
2006-04-26
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin.
CVSS Score
7.5
EPSS Score
0.007
Published
2006-04-26
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data.
CVSS Score
3.6
EPSS Score
0.001
Published
2006-04-26
SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware 4.0.34.
CVSS Score
7.5
EPSS Score
0.013
Published
2004-12-31