Published: 14/07/2022 Updated: 05/11/2022

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 0

relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an malicious user to replay HTTP post requests without the need for authentication or a valid signed/authorized request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dingtian-tech dt-r004_firmware 3.1.276a

Dingtian-DT-R002 version 31276A suffers from an authentication bypass vulnerability ...

CVE-2022-29593 - Authentication Bypass by Capture Replay (Dingtian-DT-R002) Title Authentication Bypass by Capture-replay Published: Version: 10 Vendor: Shenzhen Dingtian Technologies Co,Ltd Product: 2 Channel Relay Board/Relay Card Version affected: Firmware V31276A Product - Dingtian DTR004 Ali Express Link Product Description 2 Channel Relay Board/Relay Card WiFi/RS485

CWE-294 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2022-29593-authentication-bypass-by-capture-replay-dingtian-dt-r002/https://www.trustwave.com/en-us/resources/security-resources/security-advisories/http://packetstormsecurity.com/files/167868/Dingtian-DT-R002-3.1.276A-Authentication-Bypass.html https://nvd.nist.gov https://github.com/9lyph/CVE-2022-29593 https://packetstormsecurity.com/files/167868/Dingtian-DT-R002-3.1.276A-Authentication-Bypass.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-29593

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect