39 matches found
EUVD-2022-38157
Malicious code in bioql PyPI...
EUVD-2022-38162
Malicious code in bioql PyPI...
EUVD-2022-38155
Malicious code in bioql PyPI...
EUVD-2022-38160
Malicious code in bioql PyPI...
EUVD-2022-38161
Malicious code in bioql PyPI...
Cross-Site Request Forgery (CSRF)
esphome is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists due to inadequate validation of incoming requests within webserver.py, allowing an attacker to perform unauthorized actions on configuration files such as creating, editing, or deleting files...
CVE-2022-34850
An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Denial of service
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
Denial of service
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35271
CVE-2022-35271 corresponds to a DoS in Robustel R1510 web server hashFirst function. Targeted versions are Robustel R1510 3.1.16 and 3.3.0. Talos’ TALOS-2022-1575 explains that the hashFirst routine traverses symbol tables via WebsHash and can crash the web server if sd (the hashtable index) is i...
CVE-2022-35271
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35270
Summary: CVE-2022-35270 affects Robustel R1510 web_server hashFirst vulnerability (versions 3.1.16 and 3.3.0). A specially crafted network request to the API path “/action/import_wireguard_cert_file/” can trigger a denial of service. The root cause described in public TALOS analysis centers on th...
CVE-2022-35269
Robustel R1510 (versions 3.1.16 and 3.3.0) is affected by a denial-of-service in the web_server hashFirst function, triggered by crafted requests to the /action/import_e2c_json_file/ API. TALOS documents a potential segmentation fault when an invalid sd index is used, which can terminate the web ...
CVE-2022-35267
Robustel R1510 is affected by a denial-of-service in the web_server hashFirst function, impacting versions 3.1.16 and 3.3.0. A specially crafted network request to the /action/import_https_cert_file/ API can trigger a crash via an out-of-bounds access in the GoAhead-based web server, potentially ...
CVE-2022-35266
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35265
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35264
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35263
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35262
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
CVE-2022-35262
CVE-2022-35262 affects Robustel R1510 (versions 3.1.16 and 3.3.0). The denial-of-service stems from the web_server hashFirst function within the /action/import_xml_file/ API, where an crafted request can trigger a crash/DoS via unsafe handling of hash tables (GoAhead Webs library). TALOS details ...