CVE-2022-26446

CVE-2022-26446 affects the Modem 4G RRC. The root cause is improper input validation in handling certain SIB12 (CMAS message) input, causing a system crash and remote denial of service. Exploitation is described as possible without additional execution privileges and without user interaction. The...

PT-2022-17856 · Unknown · Modem 4G Rrc

Name of the Vulnerable Software and Affected Versions: Modem 4G RRC affected versions not specified Description: The issue is related to improper input validation in the Modem 4G RRC, which can cause a system crash. This can lead to a remote denial of service when a specially crafted SIB12 CMAS...

Intel® XMM™ 7560 Modem November 2022 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® XMM™ 7560 Modem software, which might allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential vulnerabilities. HP...

CVE-2022-26446

In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 CMAS message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883;...

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Rapid7 was back this year at DEF CON 30 participating at the IoT Village with another hands-on hardware hacking exercise, with the goal of teaching attendees' various concepts and methods for IoT hacking. Over the years, these exercises have covered several different embedded device topics,...

CVE-2022-22067

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVE-2022-22067

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

Memory corruption

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVE-2022-22067

CVE-2022-22067 affects Qualcomm Snapdragon modems (Auto/Compute/Connectivity/Mobile). The issue is a memory leak during NSA RRC Reconfiguration with an invalid Radio Bearer Config, rooted in the modem component. Documented impact includes high confidentiality, integrity, and availability concerns...

CVE-2022-22067

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

PT-2022-15216 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a potential memory leak in the modem during the processing of NSA RRC Reconfiguration with an invalid Radio Bearer Config. This affects various Snapdrago...

CVE-2022-36200

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

CVE-2022-36200

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

Design/Logic Flaw

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

CVE-2022-36200

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

CVE-2022-36200

CVE-2022-36200 affects FiberHome VDSL2 Modem HG150-Ub_V3.0. The admin credentials are submitted in the URL, creating risk of logging/sniffing and exposure of confidential data. The vulnerability is described across multiple sources (NVD entry mirrors a network-accessible issue with high impact on...

PT-2022-23256 · Fiberhome · Fiberhome Vdsl2 Modem Hg150-Ub

Name of the Vulnerable Software and Affected Versions: FiberHome VDSL2 Modem HG150-Ub version V3.0 Description: The issue concerns the submission of admin credentials in URLs, which can be logged or sniffed. This poses a risk as sensitive information can be captured and exploited. Recommendations...

CVE-2022-35192

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service DoS via the User parameter or Pwd parameter to Login.asp...

CVE-2022-35191

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service DoS via a crafted HTTP connection request...

Cross site request forgery (csrf)

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service DoS via a crafted HTTP connection request...