GCVE - cpe:2.3:a:netcore:nbr200v2:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netcore:nbr200v2:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Netcore (`ebda05da-f232-5bcd-abc7-24a3271d338c`)
Product	Nbr200V2 (`e19476a6-899e-56ad-8d96-e7bddeab8ff2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-5147`	vulnerable	2026-06-08 07:35:24.266207	Netcore NBR1005GPEV2/NBR200V2/B6V2 network_tools tools_ping command injection MEDIUM (6.3) A vulnerability was found in Netcore NBR1005GPEV2, NBR200V2 and B6V2 up to 20250508 and classified as critical. This issue affects the function tools_ping of the file /usr/bin/network_tools. The manipulation of the argument url leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-25T11:31:04.116Z Updated: 2025-05-29T07:00:52.075Z Open on db.gcve.eu Reference links https://vuldb.com/?id.310235 https://vuldb.com/?ctiid.310235 https://vuldb.com/?submit.573682 https://github.com/Exploo0Osion/netcore_command_injection_3	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-5146`	vulnerable	2026-06-08 07:35:24.265797	Netcore NBR200V2 HTTP Header routerd passwd_set command injection MEDIUM (6.3) A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwd_set of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the argument pwd leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-25T07:00:09.594Z Updated: 2025-05-29T07:00:40.229Z Open on db.gcve.eu Reference links https://vuldb.com/?id.310234 https://vuldb.com/?ctiid.310234 https://vuldb.com/?submit.573493 https://github.com/Exploo0Osion/netcore_command_injection_2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-5145`	vulnerable	2026-06-08 07:35:24.264399	Netcore POWER13 Query String cgi-bin command injection MEDIUM (6.3) A vulnerability, which was classified as critical, was found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2, NBR200V2 and POWER13 up to 20250508. This affects an unknown part of the file /www/cgi-bin/ of the component Query String Handler. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-05-25T05:31:04.552Z Updated: 2025-07-11T08:41:34.484Z Open on db.gcve.eu Reference links https://vuldb.com/?id.310233 https://vuldb.com/?ctiid.310233 https://vuldb.com/?submit.573492 https://github.com/Exploo0Osion/netcore_unauth https://anonymous.4open.science/r/netcore_unauth-7D2E	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.