MidnightBSD

Advisories for italtel

CVE-2022-39811

Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it allows an attacker to view pages that are not allowed, and modify the system configuration, bypassing all controls (without checking for user identity).

Products Affected

Vendor Product Version
italtel netmatch-s_ci 5.2.0-20211008
CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request (not possible using the GUI) to an arbitrary directory. Because the application does not check in which directory a file will be uploaded, an attacker can perform a variety of attacks that can result in unauthorized access to the server.

Products Affected

Vendor Product Version
italtel netmatch-s_ci 5.2.0-20211008
CVE-2022-39813

Italtel NetMatch-S CI 5.2.0-20211008 allows Multiple Reflected/Stored XSS issues under NMSCIWebGui/j_security_check via the j_username parameter, or NMSCIWebGui/actloglineview.jsp via the name or actLine parameter. An attacker leveraging this vulnerability could inject arbitrary JavaScript. The payload would then be triggered every time an authenticated user browses the page containing it.

Products Affected

Vendor Product Version
italtel netmatch-s_ci 5.2.0-20211008
CVE-2024-28803

Cross-site scripting (XSS) vulnerability in Italtel S.p.A. i-MCS NFV v.12.1.0-20211215 allows unauthenticated remote attackers to inject arbitrary web script or HTML into HTTP/POST parameter

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
italtel i-mcs_nfv 12.1.0-20211215
CVE-2024-28804

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Stored Cross-site scripting (XSS) can occur via POST.

Products Affected

Vendor Product Version
italtel i-mcs_nfv 12.1.0-20211215
CVE-2024-28805

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control.

Products Affected

Vendor Product Version
italtel i-mcs_nfv 12.1.0-20211215
CVE-2024-28806

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path.

Products Affected

Vendor Product Version
italtel i-mcs_nfv 12.1.0-20211215
CVE-2024-31840

An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user access the edit function, the web application fills the edit form with the current credentials for the email account, including the cleartext password.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31841

An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31843

An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31844

An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able craft specific requests in order to make the application generate an error. Inside an error message, some information about the server is revealed, such as the absolute path of the source code of the application. This kind of information can help an attacker to perform other attacks against the system. This can be exploited without authentication.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31845

An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to logs. The web application writes logs using a GET query string parameter. This parameter can be modified by an attacker, so that every action he performs is attributed to a different user. This can be exploited without authentication.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31846

An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Products Affected

Vendor Product Version
italtel embrace 1.6.4
CVE-2024-31847

An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting (XSS) vulnerability allows authenticated and unauthenticated remote attackers to inject arbitrary web script or HTML into a GET parameter. This reflects/stores the user input without sanitization.

Products Affected

Vendor Product Version
italtel embrace 1.6.4