13 matches found
CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
EUVD-2022-31735
Malicious code in bioql PyPI...
IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)
A CSRF issue in /api/crontab on iRZ Mobile Routers through 20.6.1 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor...
iRZ Mobile Routers 跨站脚本漏洞
iRZ Mobile Routers is a series of mobile routers from the Russian company iRZ. A security vulnerability exists in iRZ Mobile Routers. An attacker could use this vulnerability to obtain sensitive information via the Upload File parameter...
VulnCheck KEV: CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
Cross site request forgery (csrf)
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
CVE-2022-27226
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat...
iRZ Mobile Routers 跨站请求伪造漏洞
iRZ Mobile Routers is a series of mobile routers from the Russian company iRZ. A security vulnerability exists in /api/crontab of iRZ Mobile Routers, which can be exploited by an attacker to create a crontab entry in the router's administration panel, which will be executed by a cronjob at an...
Exploit for Cross-Site Request Forgery (CSRF) in Irz Ru21_Firmware
ez-iRZ Exploit for CVE-2022-27226 Cross Site Request Forgery...
LG Electronics mobile access routers lack access restrictions
Overview LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacke...
JVN#59503133: Multiple NEC mobile routers vulnerable to cross-site request forgery
Multiple mobile routers provided by NEC contain a vulnerability in web-based management utility, which may result in a cross-site request forgery. Impact If a user views a malicious page while logged in, settings of the product may be initialized, or the product may be rebooted. Solution Update t...