Lucene search
MitreCVELIST:CVE-2022-27226HistoryMar 19, 2022 - 3:04 a.m.
CVE-2022-27226
2022-03-1903:04:03
mitre
www.cve.org
7
csrf
irz mobile routers
remote code execution
filesystem access
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor’s defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router’s default credentials aren’t rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction.
Related
checkpoint_advisories
checkpoint_advisories
IRZ Mobile Router Remote Code Execution (CVE-2022-27226)
2022-05-24 00:00:00
exploitdb
exploitdb
iRZ Mobile Router - CSRF to RCE
2022-03-22 00:00:00
githubexploit
githubexploit
Exploit for Cross-Site Request Forgery (CSRF) in Irz Ru21 Firmware
2022-03-16 17:45:12
prion
prion
Cross site request forgery (csrf)
2022-03-19 04:15:00
nvd
nvd
CVE-2022-27226
2022-03-19 04:15:08
zdt
zdt
iRZ Mobile Router - CSRF to Remote Code Execution Exploit
2022-03-22 00:00:00
attackerkb
attackerkb
CVE-2022-27226
2022-03-19 00:00:00
nessus
nessus
IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)
2024-05-27 00:00:00
cve
cve
CVE-2022-27226
2022-03-19 04:15:08
packetstorm
packetstorm
iRZ Mobile Router Cross Site Request Forgery / Remote Code Execution
2022-03-22 00:00:00
thn
thn
New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt
2022-04-14 10:07:00