Search
Find a vulnerability
Search criteria
6 vulnerabilities found for mantaray_nm by nokia
CVE-2025-24819 (GCVE-0-2025-24819)
Vulnerability from nvd – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
VLAI
Title
A Relative Path Traversal vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T17:46:21.365319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T17:56:15.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:14:42.719Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
}
],
"title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24819",
"datePublished": "2026-04-07T15:14:42.719Z",
"dateReserved": "2025-01-24T13:25:43.870Z",
"dateUpdated": "2026-04-07T17:56:15.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24818 (GCVE-0-2025-24818)
Vulnerability from nvd – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
VLAI
Title
An OS Command Injection vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
Earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T20:11:08.674316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T20:11:29.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "Earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:13:22.492Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
}
],
"title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24818",
"datePublished": "2026-04-07T15:13:22.492Z",
"dateReserved": "2025-01-24T13:25:43.870Z",
"dateUpdated": "2026-04-07T20:11:29.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24817 (GCVE-0-2025-24817)
Vulnerability from nvd – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
VLAI
Title
An OS Command Injection vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
Earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T15:47:32.334342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:15:12.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "Earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:09:47.125Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
}
],
"title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24817",
"datePublished": "2026-04-07T15:09:47.125Z",
"dateReserved": "2025-01-24T13:25:43.869Z",
"dateUpdated": "2026-04-08T16:15:12.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24819 (GCVE-0-2025-24819)
Vulnerability from cvelistv5 – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
VLAI
Title
A Relative Path Traversal vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T17:46:21.365319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T17:56:15.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:14:42.719Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
}
],
"title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24819",
"datePublished": "2026-04-07T15:14:42.719Z",
"dateReserved": "2025-01-24T13:25:43.870Z",
"dateUpdated": "2026-04-07T17:56:15.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24818 (GCVE-0-2025-24818)
Vulnerability from cvelistv5 – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
VLAI
Title
An OS Command Injection vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
Earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T20:11:08.674316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T20:11:29.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "Earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:13:22.492Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
}
],
"title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24818",
"datePublished": "2026-04-07T15:13:22.492Z",
"dateReserved": "2025-01-24T13:25:43.870Z",
"dateUpdated": "2026-04-07T20:11:29.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-24817 (GCVE-0-2025-24817)
Vulnerability from cvelistv5 – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
VLAI
Title
An OS Command Injection vulnerability in Nokia MantaRay NM
Summary
Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nokia | MantaRay NM |
Affected:
Earlier than 25R1-NM (exclusive)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-24817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T15:47:32.334342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:15:12.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "MantaRay NM",
"vendor": "Nokia",
"versions": [
{
"status": "affected",
"version": "Earlier than 25R1-NM (exclusive)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T15:09:47.125Z",
"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"shortName": "Nokia"
},
"references": [
{
"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
}
],
"title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
"assignerShortName": "Nokia",
"cveId": "CVE-2025-24817",
"datePublished": "2026-04-07T15:09:47.125Z",
"dateReserved": "2025-01-24T13:25:43.869Z",
"dateUpdated": "2026-04-08T16:15:12.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}