PT-2022-26850 · Telos Alliance · Telos Alliance Omnia Mpx Node

Name of the Vulnerable Software and Affected Versions: Telos Alliance Omnia MPX Node versions 1.0.0 through 1.4. Description: An Insecure Direct Object Reference IDOR vulnerability in the password reset function allows attackers to arbitrarily change user and Administrator account passwords...

CVE-2022-43326

An Insecure Direct Object Reference IDOR vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4. allows attackers to arbitrarily change user and Administrator account passwords...

CVE-2022-36642

A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...

Arbitrary file deletion

A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...

CVE-2022-36642

A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...

CVE-2022-36642

Telos Alliance Omnia MPX Node is affected by CVE-2022-36642 via a local file inclusion path involving /appConfig/userDB.json. The Nuclei template for Omnia MPX 1.5.0+r1 documents LFI through logs/downloadMainLog, enabling an attacker to read userDB.json, retrieve cleartext credentials, and escala...

Telos Alliance Omnia MPX Node 安全漏洞

The Telos Alliance Omnia MPX Node is a specialized hardware codec from Telos Alliance, USA. Capable of sending or receiving full FM signals at data rates as low as 320 kbps using the Omnia μMPXTM algorithm, it is ideally suited for capacity-limited networks including IP radios. A security...

PT-2022-23526 · Telos Alliance · Telos Alliance Omnia Mpx Node

Name of the Vulnerable Software and Affected Versions: Telos Alliance Omnia MPX Node versions 1.0.0 through 1.5.0+r1 Description: A local file disclosure issue in the /appConfig/userDB.json file allows attackers to access user credentials, potentially gaining initial access to the control panel...