Browse all 4 CVE security advisories affecting Netcore. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Netcore provides email marketing and customer engagement solutions, enabling businesses to manage email campaigns and customer communications. Historically, the platform has been susceptible to various vulnerability classes, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, with four CVEs documented to date. These vulnerabilities often stem from insufficient input validation and improper access controls in web interfaces and APIs. While no major public security incidents have been widely reported, the presence of multiple CVEs indicates ongoing security challenges that require continuous patching and robust input sanitization to prevent potential exploitation by malicious actors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5147 | Netcore NBR1005GPEV2/NBR200V2/B6V2 network_tools tools_ping command injection — NBR1005GPEV2CWE-77 | 6.3 | Medium | 2025-05-25 |
| CVE-2025-5146 | Netcore NBR200V2 HTTP Header routerd passwd_set command injection — NBR1005GPEV2CWE-77 | 6.3 | Medium | 2025-05-25 |
| CVE-2025-5145 | Netcore POWER13 Query String cgi-bin command injection — NBR1005GPEV2CWE-77 | 6.3 | Medium | 2025-05-25 |
This page lists every published CVE security advisory associated with Netcore. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.