Browse all 3 CVE security advisories affecting Netwin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NetWin develops network and server software, primarily for email and web services. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with three CVEs currently recorded. Security researchers have identified authentication bypass flaws and insecure default configurations in their offerings. While no major public security incidents have been widely reported, the consistent presence of critical vulnerabilities in their software suggests a need for robust patch management. Organizations using NetWin solutions should prioritize regular updates and hardening to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2012-10028 | Netwin SurgeFTP <= v23c8 Authenticated RCE — SurgeFTPCWE-78 | 8.8AI | HighAI | 2025-08-05 |
| CVE-2024-11990 | Cross-Site Scripting (XSS) en SurgeMail de NetWin — SurgeMailCWE-79 | 4.6 | Medium | 2024-11-29 |
| CVE-2024-7209 | CVE-2024-7209 — NetWin | 7.5AI | HighAI | 2024-07-30 |
This page lists every published CVE security advisory associated with Netwin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.