Skip to main content

Rely Pcie Firmware

14 CVEs product

Monthly

CVE-2024-44577 HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-44575 LOW Monitor

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Rely Pcie Firmware
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2024-44574 HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-44573 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rely Pcie Firmware
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-44572 HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-44571 HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PHP Rely Pcie Firmware
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-44570 HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP Rely Pcie Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-47579 HIGH This Week

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-47578 HIGH This Week

Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-47577 CRITICAL Act Now

An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-47576 HIGH This Week

An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-47575 MEDIUM This Month

An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-47574 MEDIUM This Month

An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-47573 HIGH This Week

An issue discovered in Relyum RELY-PCIe 22.2.1 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware Rely Rec Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
EPSS 1% CVSS 8.8
HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
EPSS 0% CVSS 3.7
LOW Monitor

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Rely Pcie Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rely Pcie Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PHP Rely Pcie Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP Rely Pcie Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Rely Pcie Firmware Rely Rec Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware Rely Rec Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rely Pcie Firmware Rely Rec Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rely Pcie Firmware Rely Rec Firmware
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Rely Pcie Firmware Rely Rec Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An issue discovered in Relyum RELY-PCIe 22.2.1 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Rely Pcie Firmware Rely Rec Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy