Netmri

netmri

Vendor: Infoblox • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-52874 1Infoblox 1Netmri May 30, 2025 May 22, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.
CVE-2025-32815 1Infoblox 1Netmri Jun 3, 2025 May 22, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.
CVE-2025-32814 1Infoblox 1Netmri Jun 3, 2025 May 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.
CVE-2025-32813 1Infoblox 1Netmri Jun 3, 2025 May 22, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
CVE-2024-54188 1Infoblox 1Netmri Jun 3, 2025 May 22, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.
CVE-2018-6643 1Infoblox 1Netmri Nov 21, 2024 Aug 28, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
CVE-2016-6484 1Infoblox 1Netmri May 13, 2026 Jan 23, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a logi...Show more CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.Show less
CVE-2015-2033 1Infoblox 1Netmri May 6, 2026 Feb 20, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
CVE-2014-3419 1Infoblox 1Netmri May 6, 2026 Jul 15, 2014 N/A· v4 N/A· v3 7.2 HIGH· v2 Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors.
CVE-2014-3418 1Infoblox 1Netmri May 6, 2026 Jul 15, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter.
CVE-2011-5178 1Infoblox 1Netmri Apr 29, 2026 Sep 20, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eul...Show more Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter.Show less