74 matches found
CVE-2022-26147
CVE-2022-26147 affects the Quectel RG502Q-EA modem. The issue is OS command injection arising from the OTA download process, allowing an attacker to execute arbitrary commands with root privileges on the device. The public descriptions consistently note the vulnerability exists before 2022-02-23....
Quectel RG502Q-EA 操作系统命令注入漏洞
The Quectel RG502Q-EA is a 5G Sub-6 GHz LGA module from China Mobile Communications Quectel optimized for IoT and M2M applications. The Quectel RG502Q-EA suffers from a security vulnerability that stems from a security issue in the way the OTA download process operates, which can be exploited by ...
CVE-2021-45815
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting XSS vulnerability...
CVE-2021-45815
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting XSS vulnerability...
Cross site scripting
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting XSS vulnerability...
CVE-2021-45815
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting XSS vulnerability...
CVE-2021-45815
CVE-2021-45815 affects Quectel UC20 UMTS/HSPA+ UC20 6.3.14. CNNVD describes a Cross Site Scripting (XSS) vulnerability arising from lack of valid filtering and escaping of the basicname in password_clip.cgi. No explicit exploit status or patch is provided in the connected documents; remediation d...
Quectel UC20 跨站脚本漏洞
The Quectel UC20 is a powerful UMTS/HSPA+ module from China Mobile Communications Quectel that provides a maximum downlink data rate of 14.4Mbps and uplink data rate of 5.76Mbps. A cross-site scripting vulnerability exists in the Quectel UC20 UMTS/HSPA+ version 6.3.14, which stems from a lack of...
CVE-2021-31698
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectelhandlefumocfg input in atfwddaemon...
CVE-2021-31698
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectelhandlefumocfg input in atfwddaemon...
Code injection
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectelhandlefumocfg input in atfwddaemon...
CVE-2021-31698
CVE-2021-31698 affects Quectel EG25-G devices through 202006130814. The vulnerability allows remote code execution by sending AT commands that place shell metacharacters in quectel_handle_fumo_cfg input processed by atfwd_daemon, potentially executing as root. Multiple sources (NVD entry and vend...
CVE-2021-31698
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectelhandlefumocfg input in atfwddaemon...
Quectel EG25-G 操作系统命令注入漏洞
The Quectel EG25-G is a LTE Cat 4 wireless communication module from China Mobile Telecommunications Quectel designed for M2M and IoT applications. It utilizes 3GPP Rel. 11 LTE technology and supports a maximum downlink rate of 150Mbps and a maximum uplink rate of 50Mbps. An OS command injection...