EUVD-2023-29051

Malicious code in bioql PyPI...

Multiple Seiko Solutions Products Security Breach

Seiko Solutions SkyBridge MB-A100/A110 is an LTE-compatible IoT router from Seiko Solutions, Japan. A security vulnerability exists in SkyBridge MB-A100/MB-A110 version 4.2.2 and earlier, SkyBridge BASIC MB-A130 version 1.5.5 and earlier, which stems from a command injection vulnerability that ca...

PT-2024-24913 · Unknown · Skybridge Basic Mb-A130 +1

Name of the Vulnerable Software and Affected Versions: SkyBridge MB-A100/MB-A110 versions 4.2.2 and earlier SkyBridge BASIC MB-A130 versions 1.5.5 and earlier Description: The issue is related to improper neutralization of special elements used in a command, also known as 'Command Injection'. Thi...

CVE-2023-25072

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...

CVE-2023-24586

Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product...

CVE-2023-23906

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product...

CVE-2023-22361

Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product...

CVE-2023-22361

CVE-2023-22361 affects Seiko Solutions SkyBridge MB-A100/110 firmware (4.2.0 and earlier) and is caused by improper privilege management that allows a remote authenticated attacker to alter the WebUI password. The connected documents provide concrete remediation guidance: update to SkyBridge MB-A...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware version 4.2.0 and earlier versions, which originates from storing sensitive information in clear text...

CVE-2023-25072

CVE-2023-25072 affects Seiko Solutions SkyBridge MB-A100/110 (firmware v4.2.0 and earlier). The weakness is use of weak credentials, which may let a remote unauthenticated attacker decrypt the WebUI password. Affected components are the SkyBridge WebUI authentication/credential handling; root cau...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier versions. An attacker could exploit the vulnerability to decrypt the password of the product's WebUI...

CVE-2023-23906

The CVE-2023-23906 entry concerns Seiko Solutions SkyBridge MB-A100/110 firmware versions 4.2.0 and earlier, where missing authentication for a critical function may allow a remote unauthenticated attacker to execute actions such as rebooting the product. Supported connected documents confirm aff...

CVE-2023-25070

CVE-2023-25070 concerns SkyBridge MB-A100/110 firmware 4.2.0 and earlier, where cleartext transmission enables a remote, unauthenticated attacker to eavesdrop on or alter administrator communications if Telnet is enabled. Red Hat/RedHat Enterprise advisories and related sources confirm the issue ...

PT-2023-19693 · Unknown · Skybridge Mb-A100/110

Name of the Vulnerable Software and Affected Versions: SkyBridge MB-A100/110 firmware versions 4.2.0 and earlier Description: Cleartext storage of sensitive information exists, which may allow a remote authenticated attacker to obtain an APN credential for the product. Recommendations: For...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware version 4.2.0 and earlier versions, which originates from storing sensitive information in clear text. An attacker could exploit the...

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08executeping01...

CVE-2022-36558

Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...

CVE-2022-36558

Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...

CVE-2022-36557

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file...

CVE-2022-36557

CVE-2022-36557 affects Seiko SkyBridge MB-A100/MB-A110 (firmware v4.2.0 and earlier). The issue is an arbitrary file upload via the restore backup function that can lead to arbitrary code execution through a crafted HTML file. Remediation per connected documents: update to SkyBridge MB-A100/110 f...