Vulnerabilities > IRZ

DATE CVE VULNERABILITY TITLE RISK
2023-02-27 CVE-2021-32302 Cross-site Scripting vulnerability in IRZ Ruh2 Firmware
Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter.
network
low complexity
irz CWE-79
6.1
2022-03-19 CVE-2022-27226 Cross-Site Request Forgery (CSRF) vulnerability in IRZ products
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel.
network
irz CWE-352
critical
9.3
2016-05-30 CVE-2016-2309 Insufficient Verification of Data Authenticity vulnerability in IRZ Ruh2
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
network
low complexity
irz CWE-345
8.0