42 matches found
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
Cross site scripting
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-34020
The CVE-2022-34020 entry concerns ResIOT IOT Platform + LoRaWAN Network Server (up to version 4.1.1000114). A Cross Site Request Forgery (CSRF) vulnerability could allow an attacker to add new admin users, with other unspecified impacts mentioned across sources. Reported impact severity is high (...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
PT-2022-21972 · Unknown · Resiot Iot Platform +1
Name of the Vulnerable Software and Affected Versions: ResIOT IOT Platform + LoRaWAN Network Server versions through 4.1.1000114 Description: The issue concerns multiple Cross Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited via the form fields. Recommendations: For...
CVE-2022-34022
CVE-2022-34022 is a SQL injection in the ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, exploitable via a crafted POST to /ResiotQueryDBActive. The vulnerability affects the API handling input to that endpoint, leading to potential unauthorized data access or modification...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-34021
CVE-2022-34021 affects ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, with multiple XSS vulnerabilities exploitable via form fields. Reported severity CVSS v3.1 base score 5.4 (Medium). Remediation guidance in PT-Security PR notes a fix-containing version, but no specific...
Malicious code in lorawan-devices (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 807c36b91d0868706c742befe9b55d66f71990dbbe7c4e777ac9aa84cbc8a2a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4399 Malicious code in lorawan-devices (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 807c36b91d0868706c742befe9b55d66f71990dbbe7c4e777ac9aa84cbc8a2a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant ...
Protecting LoRaWAN Hardware from Attacks in the Wild
In the last article of our LoRaWAN series, we present dangerous hardware attacks that could affect organizations using this technology. These attacks are particularly worrying because many LoRaWAN devices are deployed in unsecured locations...
openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : wireshark (openSUSE-2020-362)
This update for wireshark and libmaxminddb fixes the following issues : Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support bsc1156288. New features include : - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC -...