CVE-2014-9614

CRITICAL NUCLEI

Netsweeper <4.0.5 - Info Disclosure

Title source: llm

Description

The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/.

Nuclei Templates (1)

Netsweeper 4.0.5 - Default Weak Account

CRITICALby daffainfo

References (1)

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html

Scores

CVSS v3 9.8

EPSS 0.6954

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-798

Status published

Products (1)

netsweeper/netsweeper < 4.0.5

Published Feb 19, 2020

Tracked Since Feb 18, 2026