EUVD-2023-29051

Malicious code in bioql PyPI...

Multiple Seiko Solutions Products Security Breach

Seiko Solutions SkyBridge MB-A100/A110 is an LTE-compatible IoT router from Seiko Solutions, Japan. A security vulnerability exists in SkyBridge MB-A100/MB-A110 version 4.2.2 and earlier, SkyBridge BASIC MB-A130 version 1.5.5 and earlier, which stems from a command injection vulnerability that ca...

PT-2024-24913 · Unknown · Skybridge Basic Mb-A130 +1

Name of the Vulnerable Software and Affected Versions: SkyBridge MB-A100/MB-A110 versions 4.2.2 and earlier SkyBridge BASIC MB-A130 versions 1.5.5 and earlier Description: The issue is related to improper neutralization of special elements used in a command, also known as 'Command Injection'. Thi...

CVE-2023-25072

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...

CVE-2023-24586

Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product...

CVE-2023-23906

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product...

CVE-2023-22361

Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier allows a remote authenticated attacker to alter a WebUI password of the product...

CVE-2023-22361

CVE-2023-22361 affects Seiko Solutions SkyBridge MB-A100/110 firmware (4.2.0 and earlier) and is caused by improper privilege management that allows a remote authenticated attacker to alter the WebUI password. The connected documents provide concrete remediation guidance: update to SkyBridge MB-A...

CVE-2023-25072

CVE-2023-25072 affects Seiko Solutions SkyBridge MB-A100/110 (firmware v4.2.0 and earlier). The weakness is use of weak credentials, which may let a remote unauthenticated attacker decrypt the WebUI password. Affected components are the SkyBridge WebUI authentication/credential handling; root cau...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware version 4.2.0 and earlier versions, which originates from storing sensitive information in clear text...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier versions. An attacker could exploit the vulnerability to decrypt the password of the product's WebUI...

CVE-2023-25070

CVE-2023-25070 concerns SkyBridge MB-A100/110 firmware 4.2.0 and earlier, where cleartext transmission enables a remote, unauthenticated attacker to eavesdrop on or alter administrator communications if Telnet is enabled. Red Hat/RedHat Enterprise advisories and related sources confirm the issue ...

CVE-2023-23906

The CVE-2023-23906 entry concerns Seiko Solutions SkyBridge MB-A100/110 firmware versions 4.2.0 and earlier, where missing authentication for a critical function may allow a remote unauthenticated attacker to execute actions such as rebooting the product. Supported connected documents confirm aff...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A100/110 firmware version 4.2.0 and earlier versions, which originates from storing sensitive information in clear text. An attacker could exploit the...

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain a command injection vulnerability via the ipAddress parameter at 07system08executeping01...

CVE-2022-36558

Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...

CVE-2022-36558

Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...

CVE-2022-36557

CVE-2022-36557 affects Seiko SkyBridge MB-A100/MB-A110 (firmware v4.2.0 and earlier). The issue is an arbitrary file upload via the restore backup function that can lead to arbitrary code execution through a crafted HTML file. Remediation per connected documents: update to SkyBridge MB-A100/110 f...

CVE-2022-36556

Seiko SkyBridge MB-A100/A110 (v4.2.0 and earlier) is affected by CVE-2022-36556 due to a command-injection vulnerability via the ipAddress parameter at the /07system08execute_ping_01 endpoint. The issue could allow a remote attacker to execute arbitrary commands with admin privileges on affected ...

Seiko Solutions SkyBridge MB-A100/A110 命令注入漏洞

The Seiko Solutions SkyBridge MB-A100/A110 is an LTE-compatible IoT router from Seiko Solutions, Japan. A security vulnerability exists in the Seiko Solutions SkyBridge MB-A100/A110 v4.2.0 and earlier, which is caused by a command injection in the Ping parameter in pingexec.cgi...