Netis-Systems DL4343 Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:netis-systems:dl4343_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Netis Systems (672828a5-2e28-5c8f-b339-4984bcfc4393) |
|---|---|
| Product | Dl4343 Firmware (7033fd2b-3bd0-5c00-8faf-2a470a6b481c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-20076 |
vulnerable | 2026-06-03 14:40:11.453017 |
Details available
On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration).
Published: 2019-12-29T23:28:52.000Z
Updated: 2024-08-05T02:32:10.501Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20075 |
vulnerable | 2026-06-03 14:40:11.452687 |
Details available
On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 Diagnostic).
Published: 2019-12-29T23:29:02.000Z
Updated: 2024-08-05T02:32:10.541Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20074 |
vulnerable | 2026-06-03 14:40:11.452284 |
Details available
On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page.
Published: 2019-12-29T23:29:12.000Z
Updated: 2024-08-05T02:32:10.500Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20073 |
vulnerable | 2026-06-03 14:40:11.451946 |
Details available
On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration).
Published: 2019-12-29T23:29:24.000Z
Updated: 2024-08-05T02:32:10.514Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20072 |
vulnerable | 2026-06-03 14:40:11.451516 |
Details available
On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration).
Published: 2019-12-29T23:29:43.000Z
Updated: 2024-08-05T02:32:10.512Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20071 |
vulnerable | 2026-06-03 14:40:11.451056 |
Details available
On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs.
Published: 2019-12-29T23:29:53.000Z
Updated: 2024-08-05T02:32:10.485Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-20070 |
vulnerable | 2026-06-03 14:40:11.449955 |
Details available
On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration).
Published: 2019-12-29T23:30:04.000Z
Updated: 2024-08-05T02:32:10.615Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.