4 matches found
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...
CVE-2022-33312
Multiple command injection vulnerabilities exist in the webserver action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The...
CVE-2022-33312
The provided documents confirm multiple OS command injection vulnerabilities in Robustel R1510’s web_server endpoints (notably /action/import_cert_file/, etc.) affecting 3.3.0 and 3.1.16 releases. TALOS details show unsafe use of user-supplied parameters with system()/sysprintf calls, including p...
Robustel R1510 web_server action endpoints OS command injection vulnerabilities
Summary Multiple command injection vulnerabilities exist in the webserver action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. Tested...