Lucene search
HistoryOct 25, 2022 - 5:15 p.m.
CVE-2022-34845
vulnerability
firmware update
robustel r1510
network packet
attacker
sysupgrade
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
24.8%
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability.
Affected configurations
Node
robustelr1510_firmwareMatch3.1.16
ORrobustelr1510_firmwareMatch3.3.0
robustelr1510Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| robustel | r1510_firmware | 3.1.16 | cpe:2.3:o:robustel:r1510_firmware:3.1.16:*:*:*:*:*:*:* |
| robustel | r1510_firmware | 3.3.0 | cpe:2.3:o:robustel:r1510_firmware:3.3.0:*:*:*:*:*:*:* |
| robustel | r1510 | - | cpe:2.3:h:robustel:r1510:-:*:*:*:*:*:*:* |
Related
talos
talos
Robustel R1510 sysupgrade firmware update vulnerability
2022-10-14 00:00:00
prion
prion
Security feature bypass
2022-10-25 17:15:00
cvelist
cvelist
CVE-2022-34845
2022-10-14 00:00:00
cve
cve
CVE-2022-34845
2022-10-25 17:15:53
talosblog
talosblog
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
24.8%
Related for NVD:CVE-2022-34845