Relyum: >> Rely-Rec Firmware Security Vulnerabilities
An issue discovered in Relyum RELY-PCIe 22.2.1 devices. The authorization mechanism is not enforced in the web interface, allowing a low-privileged user to execute administrative functions.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-13
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled.
CVSS Score
5.9
EPSS Score
0.002
Published
2023-12-13
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-12-13
An issue was discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices, allowing authenticated command injection through the web interface.
CVSS Score
8.8
EPSS Score
0.006
Published
2023-12-13
An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-12-13
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-13