Relyum Rely-rec_firmware
6 CVEs affecting Relyum Rely-rec_firmware. Latest disclosed: 2023-12-13. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-47577 | Critical | 9.8 | 2023-12-13 | An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password. |
CVE-2023-47578 | High | 8.8 | 2023-12-13 | Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the w… |
CVE-2023-47576 | High | 8.8 | 2023-12-13 | An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface. |
CVE-2023-47573 | High | 8.8 | 2023-12-13 | An issue discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced in the web interface, allowing a low-privileged user to exe… |
CVE-2023-47575 | Medium | 6.1 | 2023-12-13 | An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS. |
CVE-2023-47574 | Medium | 5.9 | 2023-12-13 | An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled. |