5 matches found
CVE-2022-34850
An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-34850
CVE-2022-34850 affects Robustel R1510 web_server /action/import_authorized_keys/ in firmware versions 3.1.16 and 3.3.0. Talos reports an OS command injection vulnerability: the web server copies uploaded SSH key files into /home//.ssh/authorized_keys via a path that is built from user-controlled ...
Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1578 Robustel R1510 webserver /action/importauthorizedkeys/ OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-34850 SUMMARY An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of...
CVE-2022-34850
creationtimestamp| type| source ---|---|--- 2022-10-13 15:05:03+00:00| seen| https://t.me/truesecator/3558 2022-10-13 17:22:33+00:00| seen| https://t.me/icscert/629...
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...