Helmholz

Rex 100 Firmware

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-45274

  • EPSS 0.97%
  • Published 15.10.2024 11:15:12
  • Last modified 21.11.2024 09:37:35

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.

9.8

CVE-2024-45275

  • EPSS 0.83%
  • Published 15.10.2024 11:15:12
  • Last modified 21.11.2024 09:37:35

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

7.5

CVE-2024-45276

  • EPSS 0.63%
  • Published 15.10.2024 11:15:12
  • Last modified 24.01.2025 07:15:10

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.

7.8

CVE-2024-45271

  • EPSS 0.12%
  • Published 15.10.2024 11:15:11
  • Last modified 26.08.2025 15:15:40

An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.

7.8

CVE-2024-45273

  • EPSS 0.04%
  • Published 15.10.2024 11:15:11
  • Last modified 21.11.2024 09:37:35

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

7.2

CVE-2024-5672

  • EPSS 0.61%
  • Published 03.07.2024 13:15:03
  • Last modified 13.02.2025 18:18:18

A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.