17 matches found
CVE-2025-11534
The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...
CVE-2025-11534
The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...
EUVD-2025-35193
The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...
CVE-2025-11534 Authentication Bypass Using an Alternate Path or Channel in Raisecomm RAX701-GC Series
The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...
EUVD-2024-48389
Malicious code in bioql PyPI...
CVE-2024-55514
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadsfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions...
CVE-2024-55513
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadnetaction.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permission...
CVE-2024-55513
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadnetaction.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permission...
CVE-2024-55514
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadsfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions...
CVE-2024-55515
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded...
CVE-2024-55516
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The component affected by this issue is /uploadsysconfig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissio...
CVE-2024-55514
Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 (version 3.90) are affected by a web interface vulnerability in the /upload_sfmig.php component. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions. Mitigation guidance...
CVE-2024-55515
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadipslib.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded...
CVE-2024-7470
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpnconfigmod of the file /vpn/vpntemplatestyle.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os...
CVE-2024-7467
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpnconfigmod of the file /vpn/listipnetwork.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os...
PT-2024-5396 · Raisecom · Raisecom Msg2200 +3
Name of the Vulnerable Software and Affected Versions: Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 version 3.90 Description: The issue is related to the function sslvpn config mod of the file /vpn/list vpn web custom.php in the web interface of the affected devices. It is caused by the failur...
CVE-2019-7385
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U2.0.0140521R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a syst...