45 matches found
CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaqdecompressbuf and clearrulist. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted Irz file...
CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
EUVD-2016-3393
Malware in sbrugna...
EUVD-2021-19156
Malware in sbrugna...
EUVD-2022-31735
Malicious code in bioql PyPI...
EUVD-2022-30852
Malicious code in bioql PyPI...
CVE-2021-32302
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter...
IRZ RUH2 Insufficient Verification of Data Authenticity (CVE-2016-2309)
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)
A CSRF issue in /api/crontab on iRZ Mobile Routers through 20.6.1 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor...
IRZ RUH2 Cross-site Scripting (CVE-2021-32302)
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...
CVE-2021-32302
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter...
Cross site scripting
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter...
PT-2023-12164 · Irz Electronics · Irz Electronics Ruh2 Gsm Router
Name of the Vulnerable Software and Affected Versions: IRZ Electronics RUH2 GSM router affected versions not specified Description: The issue allows an attacker to obtain sensitive information via the Upload File parameter. This is a Cross Site Scripting vulnerability. Recommendations: At the...
iRZ Mobile Routers 跨站脚本漏洞
iRZ Mobile Routers is a series of mobile routers from the Russian company iRZ. A security vulnerability exists in iRZ Mobile Routers. An attacker could use this vulnerability to obtain sensitive information via the Upload File parameter...
CVE-2021-32302
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter...
CVE-2021-32302
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter...
CVE-2021-32302
CVE-2021-32302 affects IRZ Electronics RUH2 GSM router. The vulnerability is a Cross Site Scripting (XSS) flaw in the router’s vulnerability surface exposed via the Upload File parameter , enabling an attacker to obtain sensitive information. Root cause and details are corroborated by multiple so...
The vulnerability of iRZ mobile router microprogramming software, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.
The vulnerability of iRZ mobile router microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack...
IRZ Mobile Router Remote Code Execution (CVE-2022-27226)
A remote code execution vulnerability exists in IRZ Mobile Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaqdecompressbuf and clearrulist. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted Irz file...