24 matches found
GO-2026-4444 OpenCloud Reva has a Public Link Exploit in github.com/opencloud-eu/reva
OpenCloud Reva has a Public Link Exploit in github.com/opencloud-eu/reva...
SUSE CVE-2026-23989
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989 REVA Public Link Exploit
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989
REVA (OpenCloud Reva component) contains a vulnerability in its GRPC authorization middleware that lets a malicious user bypass the public link scope verification via the archiver service, enabling creation of an archive (zip/tar) containing all resources within the link’s scope. Affected version...
EUVD-2026-5629
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989 REVA Public Link Exploit
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
CVE-2026-23989 REVA Public Link Exploit
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
REVA 安全漏洞
REVA is an open-source data platform software developed by OpenCloud. Versions of REVA prior to 2.42.3 and 2.40.3 contained security vulnerabilities. These vulnerabilities were caused by a bypass in range validation of the GRPC authorization middleware, which could lead to the creation of archive...
OpenCloud Affected by Public Link Exploit
Impact A security issue was discovered in Reva that enables a malicious user to bypass the scope validation of a public link. That allows it to access resources outside the scope of a public link. OpenCloud uses Reva as one of its core components and thus it is affected. Patches Update to OpenClo...
GHSA-VF5J-R2HW-2HRW OpenCloud Affected by Public Link Exploit
Impact A security issue was discovered in Reva that enables a malicious user to bypass the scope validation of a public link. That allows it to access resources outside the scope of a public link. OpenCloud uses Reva as one of its core components and thus it is affected. Patches Update to OpenClo...
GHSA-9J2F-3RJ3-WGPG OpenCloud Reva has a Public Link Exploit
Impact A security issue was discovered in Reva based products that enables a malicious user to bypass the scope validation of a public link, allowing it to access resources outside the scope of a public link. Details Public link shares in OpenCloud are bound to a specific scope usually a file or...
OpenCloud Reva has a Public Link Exploit
Impact A security issue was discovered in Reva based products that enables a malicious user to bypass the scope validation of a public link, allowing it to access resources outside the scope of a public link. Details Public link shares in OpenCloud are bound to a specific scope usually a file or...
PT-2026-6645
Name of the Vulnerable Software and Affected Versions REVA versions prior to 2.40.3 REVA versions prior to 2.42.3 Description A flaw exists in the GRPC authorization middleware of the "Reva" component of OpenCloud. This allows a malicious user to bypass scope verification of a public link. By...
CVE-2024-41611
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands...
CVE-2024-37607
A Buffer overflow vulnerability in D-Link DAP-2555 REVAFIRMWARE1.20 allows remote attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-36831
A NULL pointer dereference in the pluginscallhandleuriclean function of D-Link DAP-1520 REVAFIRMWARE1.10B04BETA02HOTFIX allows attackers to cause a Denial of Service DoS via a crafted HTTP request without authentication...
D-Link DAP-2555 安全漏洞
The D-Link DAP-2555 is a wireless access point from China AUO D-Link. A denial of service vulnerability exists in the D-Link DAP-2555 REVAFIRMWARE1.20 version that originates from a null pointer dereference. An attacker can exploit this vulnerability to cause a denial of service...
CVE-2024-41616
D-Link DIR-300 REVA FIRMWARE v1.06B05WW contains hardcoded credentials in the Telnet service...