CVE-2022-34845

A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...

CVE-2022-34845

CVE-2022-34845 affects Robustel R1510 (versions 3.1.16 and 3.3.0). Talos details a sysupgrade/firmware-update vulnerability where a specially crafted network sequence can trigger arbitrary firmware updates via the web/API flow: /action/import_firmware followed by /ajax/system_upgrade_start, which...

Robustel R1510 sysupgrade firmware update vulnerability

Talos Vulnerability Report TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability October 14, 2022 CVE Number CVE-2022-34845 SUMMARY A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can...

CVE-2022-34845

creationtimestamp| type| source ---|---|--- 2022-10-13 15:05:03+00:00| seen| https://t.me/truesecator/3558 2022-10-13 17:22:33+00:00| seen| https://t.me/icscert/629 2022-10-25 20:27:04+00:00| seen| https://t.me/cibsecurity/52034...

Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...