18 matches found
CVE-2025-65882
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
EUVD-2025-202318
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
CVE-2025-65882
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
CVE-2025-65882
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
CVE-2025-65882
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
CVE-2025-65882
An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...
CVE-2025-65882
OpenMPTCProuter flaw CVE-2025-65882 affects versions up to 0.64. The issue is located in common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c, in function create_xor_ipad_opad, potentially allowing an attacker to write arbitrary files or execute arbitrary commands. Documented impact is ...
PT-2025-50216
Name of the Vulnerable Software and Affected Versions openmptcprouter versions through 0.64 Description An issue exists in openmptcprouter through version 0.64, specifically within the file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c and the create xor ipad opad function. This...
The vulnerability of the Attended SysUpgrade function of the sysupgrade.openwrt.org service allows a malicious actor to create a specially crafted malware image signed with a legitimate key.
The vulnerability of the Attended SysUpgrade function of the sysupgrade.openwrt.org service in the embedded operating system OpenWrt is related to the use of a reversible one-way hash function. Exploiting this vulnerability allows a malicious actor to remotely create a specially crafted malware...
CVE-2022-34845
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-34845
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-32765
An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Security feature bypass
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-34845
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-32765
An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Robustel R1510 sysupgrade command injection OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-32765 SUMMARY An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and...
Robustel R1510 sysupgrade firmware update vulnerability
Talos Vulnerability Report TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability October 14, 2022 CVE Number CVE-2022-34845 SUMMARY A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can...
PT-2022-21449 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A command injection issue exists in the sysupgrade command injection functionality. This allows an attacker to execute arbitrary commands by sending a specially-crafted network request...