The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| danware_data | netop | 6.0 |
| danware_data | netop | 6.50 |
NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| danware_data | netop | 7.0.1_build2002-01-29 |
| danware_data | netop | 6.0 |
| danware_data | netop | 6.50 |
| danware_data | netop | 7.60_build2003-06-24 |
| danware_data | netop | 7.50_build2003-08-04 |