Netman 208

netman_208

Vendor: Riello Ups • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-68916 1Riello Ups 1Netman 208 Jan 2, 2026 Dec 24, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution.
CVE-2025-68915 1Riello Ups 1Netman 208 Jan 2, 2026 Dec 24, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner.
CVE-2025-68914 1Riello Ups 1Netman 208 Jan 2, 2026 Dec 24, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table.