← Back

Netcommwireless

netcommwireless

9 CVEs • 12 products

Products (12)

Click to collapse
Toggle
Nwl 25 Firmware
nwl-25_firmware
4 CVEs
Hspa 3g10wve Firmware
hspa_3g10wve_firmware
2 CVEs
Nf20 Firmware
nf20_firmware
2 CVEs
Nf20mesh Firmware
nf20mesh_firmware
2 CVEs
Nl1902 Firmware
nl1902_firmware
2 CVEs
Nb604n Firmware
nb604n_firmware
1 CVE
Nb604n
nb604n
1 CVE
Hspa 3g10wve
hspa_3g10wve
0 CVEs
Nwl 25
nwl-25
0 CVEs
Nf20
nf20
0 CVEs
Nf20mesh
nf20mesh
0 CVEs
Nl1902
nl1902
0 CVEs

CVEs (9)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-4874
1Netcommwireless
3Nf20 Firmware
Nf20mesh FirmwareNl1902 Firmware
Nov 4, 2025
Jan 11, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific...Show more
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake login" to give the request an active session to load the file and not redirect to the login page.Show less
CVE-2022-4873
1Netcommwireless
3Nf20 Firmware
Nf20mesh FirmwareNl1902 Firmware
Nov 4, 2025
Jan 11, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack...Show more
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location.Show less
CVE-2018-14785
1Netcommwireless
1Nwl 25 Firmware
Nov 21, 2024
Aug 10, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication.
CVE-2018-14784
1Netcommwireless
1Nwl 25 Firmware
Nov 21, 2024
Aug 10, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the dev...Show more
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device.Show less
CVE-2018-14783
1Netcommwireless
1Nwl 25 Firmware
Nov 21, 2024
Aug 10, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely.
CVE-2018-14782
1Netcommwireless
1Nwl 25 Firmware
Nov 21, 2024
Aug 10, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user.
CVE-2015-6024
1Netcommwireless
1Hspa 3g10wve Firmware
May 13, 2026
Feb 9, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS pa...Show more
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.Show less
CVE-2015-6023
1Netcommwireless
1Hspa 3g10wve Firmware
May 13, 2026
Feb 9, 2017
N/A· v4
7.3 HIGH· v3
7.5 HIGH· v2
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be co...Show more
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands.Show less
CVE-2014-4871
1Netcommwireless
2Nb604n
Nb604n Firmware
May 6, 2026
Oct 7, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpa...Show more
Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter.Show less