21 matches found
CVE-2023-47574
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
CVE-2023-47577
An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password...
CVE-2023-47574
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
CVE-2023-47578
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery CSRF attacks due to the absence of CSRF protection in the web interface...
CVE-2023-47575
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS...
CVE-2023-47577
An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password...
CVE-2023-47574
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
CVE-2023-47575
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS...
CVE-2023-47574
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
Design/Logic Flaw
An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password...
Code injection
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...
Command injection
An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface...
CVE-2023-47577
CVE-2023-47577 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The root cause is lack of current-password verification when changing passwords, enabling unauthorized changes. CVSSv3.1 base score is 9.8 (CRITICAL) with Network attack vector, Low attack complexity, Privileges Required: None, U...
CVE-2023-47578
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery CSRF attacks due to the absence of CSRF protection in the web interface...
Relyum RELY-PCIe Security Vulnerability
The Relyum RELY-PCIe is an intelligent pluggable board from the Spanish company Relyum. A security vulnerability exists in Relyum RELY-PCIe version 22.2.1, RELY-REC version 23.1.0. An attacker could exploit this vulnerability to perform cross-site request forgery attacks...
CVE-2023-47575
CVE-2023-47575 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The connected documents report a reflected XSS vulnerability in the devices’ web interfaces. Vulnerable component: web UI of RELY-PCIe/RECY-REC; root cause: reflected cross-site scripting. Impact is described as XSS exposure via ...
CVE-2023-47576
CVE-2023-47576 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0. The issue enables authenticated command injection through the devices’ web interface. Root cause details are not provided in the connected documents, so the exact component/flow causing the vulnerability isn’t specified here. The...
CVE-2023-47574
The CVE-2023-47574 entry refers to Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices with a weak SMB configuration where signing is disabled. This impacts confidentiality (per CVSS: high) but does not indicate exploitation details in the provided documents. Affected components are the SMB signi...
CVE-2023-47578
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery CSRF attacks due to the absence of CSRF protection in the web interface...
CVE-2023-47578
CVE-2023-47578 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0; the web interface lacks CSRF protection, enabling CSRF attacks. CVSSv3.1 base score 8.8 (HIGH). If exploited, impacts to confidentiality, integrity, and availability are high. No exploitation status provided. Remediation guidance...