← Back

Nf20 Firmware

nf20_firmware

Vendor: Netcommwireless • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-4874
1Netcommwireless
3Nf20 Firmware
Nf20mesh FirmwareNl1902 Firmware
Nov 4, 2025
Jan 11, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific...Show more
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake login" to give the request an active session to load the file and not redirect to the login page.Show less
CVE-2022-4873
1Netcommwireless
3Nf20 Firmware
Nf20mesh FirmwareNl1902 Firmware
Nov 4, 2025
Jan 11, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack...Show more
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location.Show less