EUVD-2025-31136

Malicious code in bioql PyPI...

CVE-2025-10879

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication...

CVE-2025-10880

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request...

CVE-2025-10879

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication...

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

Dingtian DT-R002

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely/public exploits are available Vendor : Dingtian Equipment : DT-R002 Vulnerability : Authentication Bypass by Capture-Replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Dingtian-DT-R002 3.1.276A - Authentication Bypass Exploit

Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...

Dingtian-DT-R002 3.1.276A Authentication Bypass

Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Google Dork: NA Date: 13th July 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...

Dingtian-DT-R002 3.1.276A - Authentication Bypass

Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass Google Dork: NA Date: 13th July 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2022-29593/ Vendor Homepage: https://www.dingtian-tech.com/enus/relay4.html Software Link:...

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

Cross site request forgery (csrf)

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

CVE-2022-29593

CVE-2022-29593 affects Dingtian DT-R002 2CH relay devices (firmware 3.1.276A). The vulnerability is in the relay_cgi.cgi component, allowing an attacker to replay HTTP POST requests without authentication, effectively causing an authentication bypass. Affected product/version: Dingtian DT-R002 2C...