CVE-2025-34181
- EPSS 1.47%
- Veröffentlicht 15.12.2025 14:42:18
- Zuletzt bearbeitet 15.12.2025 19:16:04
NetSupport Manager < 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to ...
CVE-2025-34180
- EPSS 0.03%
- Veröffentlicht 15.12.2025 14:41:52
- Zuletzt bearbeitet 15.12.2025 19:16:04
NetSupport Manager < 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed...
CVE-2025-34179
- EPSS 0.15%
- Veröffentlicht 15.12.2025 14:41:27
- Zuletzt bearbeitet 15.12.2025 19:16:04
NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gate...
- EPSS 0.52%
- Veröffentlicht 05.11.2010 17:00:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network.