CVE-2022-32765
published 2022-10-25CVE-2022-32765: An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network…
PriorityP268critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.45%
87.5th percentile
An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| robustel | r1510 | — | — |
| robustel | r1510 | — | — |
| robustel | r1510_firmware | — | — |
| robustel | r1510_firmware | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
## The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Since the discovery of the widespread VPNFilter malware in 2018 , Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
There are several Snort rules that can detect possible exploitation of the vulnerabilitie
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
- Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
- During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
- Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
- There are several Snort rules that can detect possible exploitation of the vulnerabilities included in this post.
Small office/home office (SOHO) routers and small-scale industrial rout
Talos
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
blogs_talos·2022-10-12·CVSS 9.1
[CRITICAL] Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
## Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely.
The Robustel R1510 router is a dual-ethernet port wireless router that shares 3G and 4G wireless signals for use in industrial and internet-of-things environments. The router includes the use of open VPN tunneling, a cloud management platform to manage other devices and routers and different safeguards to manage data caps.
Talos discovered five operating system command injection vulnerabilities in the router th
Talos
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
blogs_talos·2022-10-12·CVSS 9.1
[CRITICAL] Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely.
The Robustel R1510 router is a dual-ethernet port wireless router that shares 3G and 4G wireless signals for use in industrial and internet-of-things environments. The router includes the use of open VPN tunneling, a cloud management platform to manage other devices and routers and different safeguards to manage data caps.
Talos discovered five operating system command injection vulnerabilities in the router that an adversary could trigger by sending the targeted device a specially crafted network request. All these vulnerabilities hav
2022-10-25
Published