3 matches found
CVE-2016-2309
CVE-2016-2309 affects iRZ RUH2 prior to 2b: Unrestricted upload of firmware patches (CWE-434) allows remote authenticated users to upload unvalidated patches, potentially modifying firmware/data or causing DoS. Affected product: RUH2 serial-to-network converter. Root cause: firmware patch validat...
CVE-2016-2309
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...
IRZ RUH2 3G Firmware Overwrite Vulnerability (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-138-01 iRZ RUH2 3G Firmware Overwrite Vulnerability that was published May 17, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT has identified a firmware overwrite vulnerability in iRZ’s RUH2 device. iRZ has...