Vulnerabilities in Riello

5 results

CVE-2024-8877MEDIUMSQL InjectionEPSS 77.3%CVE-2025-68916CRITICALRiello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code exEPSS 2.3%CVE-2024-8878CRITICALUnauthenticated Password ResetEPSS 1.3%CVE-2025-68914MEDIUMRiello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINEPSS 0.2%CVE-2025-68915MEDIUMRiello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner.EPSS 0.2%