3 matches found
CVE-2022-33897
A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-33897
CVE-2022-33897 describes a directory traversal in Robustel R1510 3.1.16, exposed via the web_server /ajax/remove/ API. The vulnerability arises from how the API constructs the target path from the provided file_name and folder selection, allowing an attacker to trigger an rm -rf operation on arbi...
Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability
Talos Vulnerability Report TALOS-2022-1579 Robustel R1510 webserver /ajax/remove/ directory traversal vulnerability October 14, 2022 CVE Number CVE-2022-33897 SUMMARY A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A...