CVE-2025-32986

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.

7.5HIGH

CVE-2025-32985

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.

9.8CRITICAL

CVE-2025-32984

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.

6.1MEDIUM

CVE-2025-32983

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.

7.5HIGH

CVE-2025-32982

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.

7.5HIGH

CVE-2025-32981

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.

7.1HIGH

CVE-2025-32979

< 6.4.0

NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.

6.5MEDIUM

CVE-2023-27000

all versions

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the

6.1MEDIUM

CVE-2023-26999

all versions

An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via

9.8CRITICAL

CVE-2023-26998

all versions

Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the

5.4MEDIUM

CVE-2023-41905

all versions

NETSCOUT nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting (XSS) vulnerability by an authenticated user.

5.4MEDIUM

CVE-2023-41172

all versions

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 4 of 4).

5.4MEDIUM

CVE-2023-41171

all versions

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 3 of 4).

5.4MEDIUM

CVE-2023-41170

all versions

NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability.

6.1MEDIUM

CVE-2023-41169

all versions

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 2 of 4).

5.4MEDIUM

CVE-2023-41168

all versions

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 1 of 4).

5.4MEDIUM

CVE-2022-44718

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login,

3.5LOW

CVE-2022-44717

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 1 of 2). After successful login,

3.1LOW

CVE-2022-44715

all versions

Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a craft

8.8HIGH

CVE-2022-44029

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6.

6.1MEDIUM

CVE-2022-44028

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6.

6.1MEDIUM

CVE-2022-44027

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6.

6.1MEDIUM

CVE-2022-44026

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6.

6.1MEDIUM

CVE-2022-44025

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6.

6.1MEDIUM

CVE-2022-44024

all versions

An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6.

6.1MEDIUM

CVE-2021-45983

all versions

NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.

9.8CRITICAL

CVE-2021-45982

all versions

NetScout nGeniusONE 6.3.2 allows Arbitrary File Upload by a privileged user.

8.8HIGH

CVE-2021-45981

all versions

NetScout nGeniusONE 6.3.2 allows an XML External Entity (XXE) attack.

9.8CRITICAL

CVE-2021-35205

all versions

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector.

5.4MEDIUM

CVE-2021-35204

all versions

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint.

5.4MEDIUM

CVE-2021-35203

all versions

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint.

5.7MEDIUM

CVE-2021-35202

all versions

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.

4.3MEDIUM

CVE-2021-35201

all versions

NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.

6.5MEDIUM

CVE-2021-35200

all versions

NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.

4.8MEDIUM

CVE-2021-35199

<= 6.3.0

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.

5.4MEDIUM

CVE-2021-35198

<= 6.3.0

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.

5.4MEDIUM