Lucene search
HistoryJul 14, 2022 - 3:15 p.m.
CVE-2022-29593
dingtian dt-r002
relay devices
firmware 3.1.276a
http post requests
authentication
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.006
Percentile
79.3%
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
Affected configurations
Node
dingtian-techdt-r004_firmwareMatch3.1.276a
dingtian-techdt-r004Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dingtian-tech | dt-r004_firmware | 3.1.276a | cpe:2.3:o:dingtian-tech:dt-r004_firmware:3.1.276a:*:*:*:*:*:*:* |
| dingtian-tech | dt-r004 | - | cpe:2.3:h:dingtian-tech:dt-r004:-:*:*:*:*:*:*:* |
References
Related
githubexploit
githubexploit
prion
prion
Cross site request forgery (csrf)
2022-07-14 15:15:00
zdt
zdt
Dingtian-DT-R002 3.1.276A - Authentication Bypass Exploit
2022-07-31 00:00:00
ics
ics
Dingtian DT-R002
2023-10-26 12:00:00
exploitdb
exploitdb
Dingtian-DT-R002 3.1.276A - Authentication Bypass
2022-07-29 00:00:00
packetstorm
packetstorm
Dingtian-DT-R002 3.1.276A Authentication Bypass
2022-07-29 00:00:00
cve
cve
CVE-2022-29593
2022-07-14 15:15:08
cvelist
cvelist
CVE-2022-29593
2022-07-14 14:56:44
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.006
Percentile
79.3%
Related for NVD:CVE-2022-29593