EUVD-2024-41570

Malicious code in bioql PyPI...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

CVE-2024-52564

Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or...

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software lies in the improper assignment of permissions for critical resources, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the microprogrammed routing software of I-O Data Device UD-LT1 and UD-LT1/EX exists due to the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming systems exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the microprogrammed routing software of I-O Data Device UD-LT1 and UD-LT1/EX arises from the lack of measures to neutralize specific elements, allowing attackers to circumvent existing security restrictions.

The vulnerability of the microprogrammed routing software of I-O Data Device UD-LT1 and UD-LT1/EX exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary commands...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

CVE-2024-47133

UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands...

CVE-2024-52564

Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or...

CVE-2024-52564

Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or...

CVE-2024-47133

CVE-2024-47133 affects I-O DATA Device UD-LT1 and UD-LT1/EX. A logged-in user with an administrative account can execute arbitrary OS commands due to OS command injection in the firmware. Root cause: inadequate input handling in the affected firmware, enabling command execution from privileged co...

CVE-2024-47133

UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

CVE-2024-45841

CVE-2024-45841 affects I-O DATA UD-LT1 and UD-LT1/EX routers. The issue is an incorrect permission assignment for a critical resource (CWE-732) that lets a user with a guest account read sensitive files, including credentials. JVN/CVE records and vendor notices confirm this vulnerability and indi...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

I-O Data Device UD-LT1和UD-LT1/EX 安全漏洞

I-O Data Device UD-LT1 and I-O Data Device UD-LT1/EX are both products of I-O Data Device Japan.I-O Data Device UD-LT1 is a hybrid LTE router.I-O Data Device UD-LT1/EX is a hybrid LTE router , which is the successor to the IO DATA UD-LT1 router. A security vulnerability exists in I-O DATA DEVICE...

I-O Data Device UD-LT1和I-O Data Device UD-LT1/EX 安全漏洞

I-O Data Device UD-LT1 and I-O Data Device UD-LT1/EX are both products of I-O Data Device Japan.I-O Data Device UD-LT1 is a hybrid LTE router.I-O Data Device UD-LT1/EX is a hybrid LTE router and is the successor to the IO DATA UD-LT1 router. A security vulnerability exists in I-O Data Device UD-L...

Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX

Overview UD-LT1 and UD-LT1/EX provided by I-O DATA DEVICE, INC. contain multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-45841 OS Command Injection CWE-78 - CVE-2024-47133 Inclusion of Undocumented Features CWE-1242 - CVE-2024-52564 T...

PT-2024-9438 · I O Data Device · Ud-Lt1/Ex +1

Name of the Vulnerable Software and Affected Versions: I-O Data Device UD-LT1 versions 2.1.9 and earlier I-O Data Device UD-LT1/EX versions 2.1.9 and earlier Description: The issue allows a remote authenticated attacker with an administrative account to execute arbitrary OS commands. This is due ...

I-O Data Device UD-LT1和I-O Data Device UD-LT1/EX 安全漏洞

I-O Data Device UD-LT1 and I-O Data Device UD-LT1/EX are both products of I-O Data Device Japan.I-O Data Device UD-LT1 is a hybrid LTE router.I-O Data Device UD-LT1/EX is a hybrid The I-O Data Device UD-LT1/EX is a hybrid LTE router that is the successor to the IO DATA UD-LT1 router. A security...