← back
CVE-2014-9618

CVE-2014-9618

EPSS 73.3%
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 73.3%KEV nãoPoC públicaNuclei simMetasploit Patch
Lifecycle
21 Aug 2015Public PoC
19 Sep 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.