19 matches found
EUVD-2022-48128
Malicious code in bioql PyPI...
EUVD-2022-48127
Malicious code in bioql PyPI...
CVE-2022-45228
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
CVE-2022-45227
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
CVE-2022-45228
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
CVE-2022-45228
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
CVE-2022-45227
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
CVE-2022-45227
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
Authentication flaw
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
Cross site request forgery (csrf)
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
Dragino Lora LG01 18ed40 IoT 安全漏洞
Dragino Lora LG01 18ed40 IoT is a gateway portal from Dragino. A security vulnerability exists in Dragino Lora LG01 18ed40 IoT v4.3.4, which stems from the portal having a directory listing at the URL https://10.10.20.74/lib/, which has a backup file that can be downloaded without any...
CVE-2022-45227
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
CVE-2022-45228
CVE-2022-45228 affects Dragino Lora LG01 IoT v4.3.4: a Cross-Site Request Forgery exists in the logout page, caused by CSRF in the logout flow. Base score 3.5 (LOW) per NVD metrics. Exploitation details are not provided in the documents; one source (PT-2022-27447) recommends disabling the logout ...
CVE-2022-45228
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
CVE-2022-45228
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...
CVE-2022-45227
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...
Dragino Lora LG01 18ed40 IoT 跨站请求伪造漏洞
Dragino Lora LG01 18ed40 IoT is a gateway portal from Dragino, Inc. A security vulnerability exists in Dragino Lora LG01 18ed40 IoT version v4.3.4, which stems from the inclusion of cross-site request forgery in the logout page...
PT-2022-27447 · Dragino · Dragino Lora Lg01
Name of the Vulnerable Software and Affected Versions: Dragino Lora LG01 18ed40 IoT version 4.3.4 Description: A Cross-Site Request Forgery issue was discovered in the logout page of the affected software. Recommendations: For Dragino Lora LG01 18ed40 IoT version 4.3.4, consider disabling the...
CVE-2022-45227
Dragino Lora LG01 IoT v4.3.4 web portal exposes a directory listing at /lib/ containing a backup file that can be downloaded without authentication. This leads to potential unauthorized exposure of sensitive data (confidentiality impact). The CVE entry notes high confidentiality impact with netwo...