CVE-2023-0011 Command Execution through Serial Interface of u-blox TOBY-L2

A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial...

PT-2023-15946 · Toby-L200 +4 · Toby-L200 +4

Name of the Vulnerable Software and Affected Versions: TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280 Description: A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This issue...

CVE-2023-47304

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...

PT-2023-30404 · Vonage · Vonage Box Telephone Adapter Vdv23

Name of the Vulnerable Software and Affected Versions: Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1 Description: An issue was discovered that allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device. This issue...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

Improper access control

UNSUPPORTED WHEN ASSIGNED D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

PT-2023-6407 · D Link · Dsl-2750U +1

Name of the Vulnerable Software and Affected Versions: D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ affected versions not specified Description: The issue is related to Incorrect Access Control in the D-Link routers. The UART/Serial interface on the PCB provides log output...

Security Vulnerabilities in Some D-Link Products

The D-Link DSL-2730U is a router from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL-2730U and DSL-2750U that stems from the UART/serial interface on the PCB providing logging output and root privilege termination without proper access control...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

The vulnerability of the microprogramming software of Advantech EKI-1524, EKI-1522, and EKI-1521 allows a perpetrator to execute arbitrary commands.

The vulnerability of microprogrammed software in the serial interface servers of Advantech EKI-1524, EKI-1522, and EKI-1521 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to...

CVE-2023-34724

An issue was discovered in TECHView LA5570 Wireless Gateway 1.0.19T53, allows physical attackers to gain escalated privileges via the UART interface...

CVE-2023-34724

An issue was discovered in TECHView LA5570 Wireless Gateway 1.0.19T53, allows physical attackers to gain escalated privileges via the UART interface...

TechView LA-5570 安全漏洞

The TechView LA-5570 is a wireless router. A security vulnerability exists in the TechView LA-5570 version 1.0.19T53,which originates from a vulnerability that allows an attacker to gain escalated privileges via the UART interface...

PT-2023-9234 · U-Boot · U-Boot

Name of the Vulnerable Software and Affected Versions: u-boot affected versions not specified Description: The issue is related to a bug in u-boot that allows for access to the u-boot shell and interrupt over UART. This is caused by a buffer overflow in memory. An attacker could exploit this to...

Tenda CP3 安全漏洞

Tenda CP3 is a smart camera from Tenda, China. A security vulnerability exists in Tenda CP3 version V11.10.00.2211041355, which stems from the device not disabling physical access to the U-Boot via UART, resulting in the display of a Wi-Fi password, which can be exploited by an attacker to insert...

TP-LINK Tapo C200 安全漏洞

The TP-LINK Tapo C200 is a webcam device from China P&L TP-LINK. A security vulnerability exists in TP-LINK Tapo C200 version V1, which stems from an access control issue that allows a physically proximate attacker to gain root access by connecting to the UART pin, interrupting the boot process,...

CVE-2022-46144

A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...

CVE-2022-46144

A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...