Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Robustel Subscribe
Filtered by product R1510 Firmware
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-33314 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 7.5 HIGH 9.8 CRITICAL
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/action/import_sdk_file/` API is affected by command injection vulnerability.
CVE-2022-33313 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 7.5 HIGH 9.8 CRITICAL
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/action/import_https_cert_file/` API is affected by command injection vulnerability.
CVE-2022-33312 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 7.5 HIGH 9.8 CRITICAL
Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/action/import_cert_file/` API is affected by command injection vulnerability.
CVE-2022-33329 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 7.5 HIGH 9.8 CRITICAL
Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/ajax/set_sys_time/` API is affected by a command injection vulnerability.
CVE-2022-32585 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 7.5 HIGH 9.8 CRITICAL
A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2022-28127 1 Robustel 2 R1510, R1510 Firmware 2022-07-12 6.4 MEDIUM 9.1 CRITICAL
A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability.