The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication checks on the /_Passwd.html endpoint. An attacker can send an unauthenticated POST request to change the Admin, Operator, and User passwords, resulting in complete system compromise.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rvr | tex150lcd/s_firmware | texl-000400 |
| rvr | tex300lcd_firmware | texl-000400 |
| rvr | tex702lcd_firmware | texl-000400 |
| rvr | tex1002lcd_firmware | texl-000400 |
| rvr | tex30lcd/s_firmware | texl-000400 |
| rvr | tex502lcd_firmware | texl-000400 |
| rvr | tex2500lcd_firmware | texl-000400 |
| rvr | tex50lcd/s_firmware | texl-000400 |
| rvr | tex2000light_firmware | texl-000400 |
| rvr | tex3500lcd_firmware | texl-000400 |
| rvr | tex100lcd/s_firmware | texl-000400 |
A stored cross-site scripting vulnerability exists in the web management interface of the R.V.R. Elettronica TLK302T telemetry controller (firmware 1.5.1799).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 3.5 | LOW | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N | 0.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rvr | tlk302t_firmware | 1.5.1799 |