31 matches found
VulnCheck KEV: CVE-2022-31208
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...
CVE-2022-31210
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...
CVE-2022-31209
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy without checking the string length beforehand...
CVE-2022-31211
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default...
EUVD-2022-52795
Malicious code in bioql PyPI...
EUVD-2022-52794
Malicious code in bioql PyPI...
EUVD-2022-52792
Malicious code in bioql PyPI...
EUVD-2022-52793
Malicious code in bioql PyPI...
CVE-2022-31208
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...
CVE-2022-31211
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default...
CVE-2022-31208
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...
CVE-2022-31210
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...
CVE-2022-31211
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default...
CVE-2022-31210
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...
CVE-2022-31210
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...
CVE-2022-31208
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...
CVE-2022-31209
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy without checking the string length beforehand...
Hardcoded credentials
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/setparam.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts...
Default credentials
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default...
Code injection
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmdstring URL parameter...