
39 matches found

CVE
added 2022/10/25 4:34 p.m., 63 views

CVE-2022-35262

CVE-2022-35262 affects Robustel R1510 (versions 3.1.16 and 3.3.0). The denial-of-service stems from the web_server hashFirst function within the /action/import_xml_file/ API, where a crafted request can trigger a crash/DoS via unsafe handling of hash tables (GoAhead Webs library). TALOS details ...

7.5 CVSS, 7.3 AI score, 0.0087 EPSS
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2022/10/25 4:34 p.m., 6 views

CVE-2022-35261

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability. This denial of service is in the...

4.9 CVSS, 5.7 AI score, 0.01084 EPSS
Exploits: 1, References: 1
Cvelist
added 2022/10/25 4:33 p.m., 14 views

CVE-2022-33897

A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability...

4.9 CVSS, 9.4 AI score, 0.01393 EPSS
Exploits: 1, References: 1
CVE
added 2022/10/25 4:33 p.m., 49 views

CVE-2022-33897

CVE-2022-33897 describes a directory traversal in Robustel R1510 3.1.16, exposed via the web_server /ajax/remove/ API. The vulnerability arises from how the API constructs the target path from the provided file_name and folder selection, allowing an attacker to trigger an rm -rf operation on arbi...

9.1 CVSS, 9.1 AI score, 0.01393 EPSS
Exploits: 1, References: 1, Affected Software: 1
CNNVD
added 2022/10/14 12:0 a.m., 2 views

Robustel R1510 buffer error vulnerability

Robustel R1510 is an industrial VPN router from Robustel China. A buffer error vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could resul...

7.5 CVSS, 6.1 AI score, 0.01011 EPSS
Exploits: 1, References: 3
Talos
added 2022/10/14 12:0 a.m., 53 views

Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1579: Robustel R1510 webserver /ajax/remove/ directory traversal vulnerability. October 14, 2022. CVE Number: CVE-2022-33897. Summary: A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A...

9.1 CVSS, 7.7 AI score, 0.01393 EPSS
Exploits: 1
NVD
added 2022/06/30 7:15 p.m., 24 views

CVE-2022-33325

Multiple command injection vulnerabilities exist in the webserver ajax endpoints functionalities of Robustel R1510 3.3.0. Specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. The...

9.8 CVSS, 0.04437 EPSS
Exploits: 1, References: 1
CVE
added 2022/06/30 7:6 p.m., 569 views

CVE-2022-33329

Robustel R1510 OS command injection (CVE-2022-33329) exists in the web server ajax endpoints, including /ajax/set_sys_time/. The root cause is unsafe handling of user-controlled parameters (via functions like sysprintf and system), enabling arbitrary command execution on the device. Talos documen...

9.8 CVSS, 9.8 AI score, 0.04437 EPSS
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2022/06/30 7:5 p.m., 493 views

CVE-2022-33326

The CVE-2022-33326 family affects Robustel R1510 (3.3.0) Web UI endpoints. The root cause is unsafe command execution via system()-style calls in multiple /ajax/* endpoints (e.g., /ajax/config_rollback/, /ajax/clear_tools_log/, /ajax/remove_sniffer_raw_log/, /ajax/remove/, /ajax/set_sys_time/) where...

9.8 CVSS, 9.8 AI score, 0.04437 EPSS
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2022/06/30 7:5 p.m., 467 views

CVE-2022-33325

CVE-2022-33325 relates to OS command injection in Robustel R1510 web_server ajax endpoints. Talos details show unsafe usage of user inputs in functions like sysprintf and direct calls to system(), enabling arbitrary command execution via crafted network requests to endpoints such as /ajax/clear_t...

9.8 CVSS, 9.8 AI score, 0.04437 EPSS
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2022/06/30 7:5 p.m., 469 views

CVE-2022-33314

CVE-2022-33314 concerns Robustel R1510 web server command injection vulnerabilities. Talos/Cisco reports describe multiple unsanitized user inputs reaching endpoints under /action/ that allow OS command execution via unsafe formatting and system() usage. Root cause involves unsafe handling in cod...

9.8 CVSS, 9.8 AI score, 0.04437 EPSS
Exploits: 1, References: 1, Affected Software: 1
Talos
added 2022/06/30 12:0 a.m., 42 views

Robustel R1510 web_server /action/remove/ API data removal vulnerability

Summary: A data removal vulnerability exists in the webserver /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions: Robustel R151...

9.1 CVSS, 8.9 AI score, 0.34575 EPSS
Exploits: 1
OSV
added 2021/09/29 5:9 p.m., 18 views

GHSA-48MJ-P7X2-5JFM Basic auth bypass in esphome

Impact: Anyone with webserver enabled and HTTP basic auth configured on 2021.9.1 or older webserver allows OTA update without checking user defined basic auth username & password. Patches: Patch released in 2021.9.2. Workarounds: Disable/remove webserver...

8.7 CVSS, 7.5 AI score, 0.01175 EPSS
Exploits: 0, References: 8
NVD
added 2021/09/28 4:15 p.m., 15 views

CVE-2021-41104

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

7.5 CVSS, 0.01175 EPSS
Exploits: 0, References: 3
Prion
added 2021/09/28 4:15 p.m., 14 views

Default credentials

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

4.3 CVSS, 7.3 AI score, 0.01175 EPSS
Exploits: 0, References: 3, Affected Software: 1
PyPA
added 2021/09/28 4:15 p.m., 5 views

PYSEC-2021-351

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

7.5 CVSS, 6.9 AI score, 0.01175 EPSS
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2021/09/28 3:15 p.m., 62 views

CVE-2021-41104

ESPHome’s web_server in versions 2021.9.1 and earlier is vulnerable to OTA updates without validating the configured HTTP basic auth credentials. The root cause is that OTA update requests bypass the user-defined username/password check. The issue is fixed in version 2021.9.2; as a workaround, di...

7.5 CVSS, 7.4 AI score, 0.01175 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2021/09/28 3:15 p.m., 15 views

CVE-2021-41104 web_server allows OTA update without checking user defined basic auth username & password

ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...

7.5 CVSS, 7.6 AI score, 0.01175 EPSS
Exploits: 0, References: 3
seebug.org
added 2012/07/25 12:0 a.m., 315 views

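PHP '_php_stream_scandir()' buffer overflow vulnerability

BUGTRAQ ID: 54638 CVE ID: CVE-2012-2688 PHP is an HTML-embedded language. PHP is quite similar to Microsoft's ASP: both are scripting languages embedded in HTML documents and executed on the server side. Its style resembles the C language, and it is now widely used by many website programmers. The _php_stream_scandir function in PHP versions before 5.3.15 and 5.4.5 has a buffer overflow vulnerability in the stream implementation; successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected web server. 0 PHP 5.4.5 PHP 5.3.15 Vendor patch: PHP --- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...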

10 CVSS, 7.7 AI score, 0.10467 EPSS
Exploits: 1