Italtel Netmatch S Ci
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Italtel Netmatch S Ci.
By the Year
In 2026 there have been 0 vulnerabilities in Italtel Netmatch S Ci. Netmatch S Ci did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 7.57 |
It may take a day or so for new Netmatch S Ci vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Italtel Netmatch S Ci Security Vulnerabilities
Italtel NetMatch-S CI 5.2.0-20211008 XSS via j_username (Web GUI)
CVE-2022-39813
6.1 - Medium
- January 27, 2023
Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.
XSS
Italtel NetMatchS CI 5.2.0-20211008 WebGui ACO Bypass
CVE-2022-39811
9.1 - Critical
- January 27, 2023
Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it allows an attacker to view pages that are not allowed, and modify the system configuration, bypassing all controls (without checking for user identity).
AuthZ
Italtel NetMatchS CI 5.2.020211008 Path Traversal via SaveFileUploader
CVE-2022-39812
7.5 - High
- January 27, 2023
Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request (not possible using the GUI) to an arbitrary directory. Because the application does not check in which directory a file will be uploaded, an attacker can perform a variety of attacks that can result in unauthorized access to the server.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Italtel Netmatch S Ci or by Italtel? Click the Watch button to subscribe.
