Jinan USR IOT USR-W610 安全漏洞

Jinan USR IOT USR-W610 is a serial-to-Ethernet converter developed by Jinan USR IOT. There is a security vulnerability in the Jinan USR IOT USR-W610. This vulnerability stems from the fact that the embedded Web interface of the device does not support HTTPS/TLS authentication and uses HTTP basic...

Jinan USR IOT USR-W610 安全漏洞

Jinan USR IOT USR-W610 is a serial-to-Ethernet converter produced by the Jinan USR IOT company. There is a security vulnerability in the Jinan USR IOT USR-W610; this vulnerability stems from allowing administrator username and password values to be set to null, which may allow unauthenticated...

CVE-2022-29730

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device...

USR IOT 4G LTE Industrial Cellular VPN Router 信任管理问题漏洞

Jinan USR IOT Technology USR IOT 4G LTE Industrial Cellular VPN Router is an industrial-grade 4G wireless LTE router from Jinan USR IOT Technology China. A security vulnerability exists in the USR IOT 4G LTE Industrial Cellular VPN Router version 1.0.36, which originates from the inability to...

CVE-2022-29730

CVE-2022-29730 affects USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36. The issue is hard-coded credentials for the highest privileged account (USR user) with password www.usr.cn, which cannot be changed via normal device operation. This credential exposure enables full compromise of the de...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor

Exploit Title: USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor Exploit Author: LiquidWorm !/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com |...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

!/usr/bin/env python3 USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Vendor: Jinan USR IOT Technology Limited Product web page: https://www.pusr.com | https://www.usriot.com Affected version: 1.0.36 USR-G800V2, USR-G806, USR-G807, USR-G808 1.2.7 USR-LG220-L Summary:...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor Exploit

The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the device. Affected versions include 1.0.36 and 1.2.7. !/usr/bin/env python...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

Summary USR-G806 is a industrial 4G wireless LTE router which provides a solution for users to connect own device to 4G network via WiFi interface or Ethernet interface. USR-G806 adopts high performance embedded CPU which can support 580MHz working frequency and can be widely used in Smart Grid,...

CVE-2019-18842

A cross-site scripting XSS vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentials of the Wi-Fi access point the module is logged into, and the web interface login credentials, by...

Cross site scripting

A cross-site scripting XSS vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentials of the Wi-Fi access point the module is logged into, and the web interface login credentials, by...

CVE-2019-18842

A cross-site scripting XSS vulnerability in the configuration web interface of the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module with web version 1.2.2 allows attackers to leak credentials of the Wi-Fi access point the module is logged into, and the web interface login credentials, by...

CVE-2019-18842

CVE-2019-18842 concerns the Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module (web interface version 1.2.2). Multiple connected sources confirm a Cross‑Site Scripting (XSS) vulnerability in the configuration web interface caused by insufficient input validation, enabling an attacker to exf...