Vulnerabilities (CVE)

Filtered by vendor Riello-ups Subscribe

Filtered by product Netman 208

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-68916	1 Riello-ups	1 Netman 208	2026-01-02	N/A	9.1 CRITICAL
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution.
CVE-2025-68914	1 Riello-ups	1 Netman 208	2026-01-02	N/A	6.5 MEDIUM
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table.
CVE-2025-68915	1 Riello-ups	1 Netman 208	2026-01-02	N/A	5.5 MEDIUM
Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner.