Relyum Rely-pcie

14 CVEs affecting Relyum Rely-pcie. Latest disclosed: 2024-09-11. Critical: 1, High: 9.

Top CVEs affecting Relyum Rely-pcie
CVESeverityScorePublishedSummary
CVE-2023-47577Critical9.82023-12-13An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password.
CVE-2024-44577High8.82024-09-11RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function.
CVE-2024-44574High8.82024-09-11RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function.
CVE-2024-44572High8.82024-09-11RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function.
CVE-2024-44571High8.82024-09-11RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php.
CVE-2024-44570High8.82024-09-11RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.
CVE-2023-47578High8.82023-12-13Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the w…
CVE-2023-47576High8.82023-12-13An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface.
CVE-2023-47573High8.82023-12-13An issue discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced in the web interface, allowing a low-privileged user to exe…
CVE-2023-47579High7.52023-12-13Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.
CVE-2023-47575Medium6.12023-12-13An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS.
CVE-2023-47574Medium5.92023-12-13An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled.
CVE-2024-44573Medium4.72024-09-11A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts o…
CVE-2024-44575Low3.72024-09-11RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies…