Browse all 4 CVE security advisories affecting NHI. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NHI is a network infrastructure device primarily used for remote access and VPN connectivity. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. The device often exposes management interfaces to untrusted networks, increasing attack surface. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities in access control and input validation suggests potential for compromise if not properly patched and segmented. Security researchers have noted that default configurations may leave systems exposed to unauthorized access.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-35219 | NHI card’s web service component - Stack-based Buffer Overflow-2 — card’s web service componentCWE-787 | 5.5 | Medium | 2022-08-02 |
| CVE-2022-35218 | NHI card’s web service component - Heap-based Buffer Overflow — card’s web service componentCWE-787 | 5.5 | Medium | 2022-08-02 |
| CVE-2022-35217 | NHI card’s web service component - Stack-based Buffer Overflow-1 — card’s web service componentCWE-787 | 7.8 | High | 2022-08-02 |
| CVE-2021-45918 | NHI’s health insurance web service component – Heap-based Buffer Overflow — health insurance web service componentCWE-122 | 7.5 | High | 2022-06-20 |
This page lists every published CVE security advisory associated with NHI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.