2 matches found
CVE-2022-33150
CVE-2022-33150 affects Robustel R1510 (3.1.16). Talos details reveal an OS command injection in the web server’s Node.js app import flow: the /action/import_nodejs_app/ sets FILENAME to /tmp/upload/, which is then passed to js_package install via /ajax/system_nodejs_app_upgrade_start/. The js_pac...
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...