Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

Riello-ups›Applicationnvd

Netman 208

Vulnerabilities

3

Known exploited

0

Max CVSS

7.2

Top EPSS

0.02251

Severity breakdown

Critical

0

High

1

Medium

2

Low

0

Affected version ranges

< 1.12

Also matched as (raw): netman_208

Top vulnerabilities

CVE-2025-68916Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution.

CVE-2025-68914Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table.

CVE-2025-68915Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner.

View vendor →Open in catalog with product filter →