Nokia Security Vulnerabilities (CVEs)
Track 25 security vulnerabilities affecting Nokia products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Infinera DNA is vulnerable to time-based SQL injection due to insufficient input validation, allowing attackers to extract sensitive information from ...
Feb 5, 2026This critical vulnerability in Infinera MTC-9's remote shell service allows unauthenticated attackers to gain full system access via reverse shells us...
Dec 8, 2025An improper SSH configuration in Infinera MTC-9 allows unauthenticated attackers to execute arbitrary commands and access the file system. This affect...
Dec 8, 2025An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 allows attackers to make the appliance send HTTPS requests to in...
Dec 8, 2025An improper input validation vulnerability in Infinera MTC-9 allows remote unauthenticated attackers to send crafted XML payloads that crash the servi...
Dec 8, 2025This vulnerability allows remote authenticated users to send specially crafted XML payloads to the Netconf service in Infinera MTC-9 appliances, causi...
Dec 8, 2025This vulnerability allows authenticated administrators to execute arbitrary operating system commands through the web application's user management in...
Jul 21, 2025This vulnerability allows remote command injection in a web application, enabling attackers to execute arbitrary operating system commands with web se...
Jul 21, 2025This vulnerability allows remote authenticated users with Network Administrator privileges in Infinera G42 version R6.1.3 to read and write arbitrary ...
Jul 2, 2025A path traversal vulnerability in Infinera G42's WebGUI HTTP endpoint allows authenticated remote users to download any readable files from the operat...
Jul 2, 2025Infinera TNMS 19.10.3 has an insecure default SFTP server configuration that allows attackers to traverse outside the designated user home directory. ...
Oct 1, 2024CVE-2024-25660 allows low-privileged remote attackers to perform unauthorized file operations through the WebDAV service in Infinera TNMS due to exces...
Oct 1, 2024CVE-2024-25661 allows guest OS administrators on systems running Infinera TNMS Client 19.10.3 to extract user passwords from memory dumps due to clear...
Oct 1, 2024CVE-2022-39822 is a SQL injection vulnerability in Nokia NFM-T R19.9's VM Manager WebUI that allows authenticated attackers to execute arbitrary SQL c...
Dec 25, 2023This vulnerability allows remote attackers with administrator privileges to execute arbitrary commands on Chunghwa Telecom NOKIA G-040W-Q routers thro...
Nov 3, 2023This vulnerability in Chunghwa Telecom NOKIA G-040W-Q routers allows unauthenticated remote attackers to send crafted ICMP redirect messages to manipu...
Nov 3, 2023This vulnerability allows unauthenticated remote attackers to bypass CAPTCHA protection on Chunghwa Telecom NOKIA G-040W-Q routers, enabling automated...
Nov 3, 2023This vulnerability in Nokia WaveLite products allows local users to create new administrative accounts by manipulating web requests when security hard...
Oct 4, 2023CVE-2022-41763 is a remote code execution vulnerability in NOKIA AMS 9.7.05 where authenticated remote users can inject code via the debugger of the i...
Sep 5, 2023CVE-2022-28864 is a CSV injection vulnerability in Nokia NetAct's Administration of Measurements website section. Malicious users can inject code into...
Jul 24, 2023This CSRF vulnerability in Nokia NetAct allows attackers to create users with arbitrary privileges, including administrative accounts, by tricking aut...
Jul 24, 2023This vulnerability allows attackers to execute arbitrary SQL commands through the UserName parameter in NOKIA VitalSuite SPM 2020. Successful exploita...
Jun 16, 2022This vulnerability allows unauthenticated attackers to bypass authentication on Nokia BTS TRS web consoles by using URL encoding for the dot character...
Feb 11, 2022This vulnerability in Nokia FastMile 3TG00118ABAD52 devices allows authenticated users to escalate privileges by manipulating the 'is_ctc_admin=1' par...
Dec 27, 2021This vulnerability is a heap buffer overflow in the HEIF library's HEVC decoder configuration record parser. Attackers can exploit this to execute arb...
Sep 20, 2021Why Monitor Nokia Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 25+ known vulnerabilities affecting Nokia products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Nokia packages in under 60 seconds. No agents required - completely agentless scanning that works across Nokia deployments.
Free vulnerability database: Access detailed information about every Nokia CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Nokia CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
