Lucene search
+L

42 matches found

NVD
NVD
added 2022/10/13 11:15 p.m.13 views

CVE-2022-34022

SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...

7.2CVSS0.00804EPSS
Exploits1References1
NVD
NVD
added 2022/10/13 11:15 p.m.17 views

CVE-2022-34021

Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...

5.4CVSS0.00443EPSS
Exploits1References1
Prion
Prion
added 2022/10/13 11:15 p.m.22 views

Cross site scripting

Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...

4.9CVSS5.4AI score0.00443EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/10/13 1:15 a.m.5 views

CVE-2022-34020

Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...

8.8CVSS5.8AI score0.004EPSS
Exploits1References2
Prion
Prion
added 2022/10/13 1:15 a.m.24 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...

6.8CVSS8.7AI score0.004EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/10/13 12:0 a.m.60 views

CVE-2022-34020

The CVE-2022-34020 entry concerns ResIOT IOT Platform + LoRaWAN Network Server (up to version 4.1.1000114). A Cross Site Request Forgery (CSRF) vulnerability could allow an attacker to add new admin users, with other unspecified impacts mentioned across sources. Reported impact severity is high (...

8.8CVSS8.7AI score0.004EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/10/13 12:0 a.m.17 views

CVE-2022-34022

SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...

7.4AI score0.00804EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/10/13 12:0 a.m.16 views

CVE-2022-34020

Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...

9AI score0.004EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/13 12:0 a.m.10 views

CVE-2022-34021

Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...

5.5AI score0.00443EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/10/13 12:0 a.m.6 views

CVE-2022-34022

SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...

7.2AI score0.00804EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.4 views

PT-2022-21972 · Unknown · Resiot Iot Platform +1

Name of the Vulnerable Software and Affected Versions: ResIOT IOT Platform + LoRaWAN Network Server versions through 4.1.1000114 Description: The issue concerns multiple Cross Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited via the form fields. Recommendations: For...

5.4CVSS5.5AI score0.00443EPSS
Exploits1References4
CVE
CVE
added 2022/10/13 12:0 a.m.52 views

CVE-2022-34022

CVE-2022-34022 is a SQL injection in the ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, exploitable via a crafted POST to /ResiotQueryDBActive. The vulnerability affects the API handling input to that endpoint, leading to potential unauthorized data access or modification...

7.2CVSS7.2AI score0.00804EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/13 12:0 a.m.5 views

CVE-2022-34020

Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...

8.8AI score0.004EPSS
Exploits1References2
CVE
CVE
added 2022/10/13 12:0 a.m.51 views

CVE-2022-34021

CVE-2022-34021 affects ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, with multiple XSS vulnerabilities exploitable via form fields. Reported severity CVSS v3.1 base score 5.4 (Medium). Remediation guidance in PT-Security PR notes a fix-containing version, but no specific...

5.4CVSS5.5AI score0.00443EPSS
Exploits1References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:10 p.m.4 views

Malicious code in lorawan-devices (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 807c36b91d0868706c742befe9b55d66f71990dbbe7c4e777ac9aa84cbc8a2a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:10 p.m.11 views

MAL-2022-4399 Malicious code in lorawan-devices (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 807c36b91d0868706c742befe9b55d66f71990dbbe7c4e777ac9aa84cbc8a2a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/11 12:0 a.m.17 views

LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk

This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant ...

1.9AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/03/30 12:0 a.m.17 views

Protecting LoRaWAN Hardware from Attacks in the Wild

In the last article of our LoRaWAN series, we present dangerous hardware attacks that could affect organizations using this technology. These attacks are particularly worrying because many LoRaWAN devices are deployed in unsecured locations...

1.6AI score
Exploits0
OpenVAS
OpenVAS
added 2020/03/20 12:0 a.m.252 views

openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.3AI score0.17697EPSS
Exploits32References2
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.40 views

openSUSE Security Update : wireshark (openSUSE-2020-362)

This update for wireshark and libmaxminddb fixes the following issues : Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support bsc1156288. New features include : - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC -...

7.8CVSS6.3AI score0.17697EPSS
Exploits32References93
Rows per page
Query Builder