Approved changes feed: RSS · Atom
cpe:2.3:a:helmholz:rex_100:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Helmholz (464ff5a7-c87f-5dc1-9bca-f7c898c0bb50) |
|---|---|
| Product | Rex 100 (03364622-3cfb-545b-850d-c8040f4b9802) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-41681 |
vulnerable | 2026-06-03 15:01:15.052904 |
Persistent Cross-Site Scripting via POST Requests Due to Improper Neutralization of Input
MEDIUM (4.8)
A high privileged remote attacker can gain persistent XSS via POST requests due to improper neutralization of special elements used to create dynamic content.
Published: 2025-07-21T09:31:25.796Z
Updated: 2025-11-03T19:59:07.270Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41679 |
vulnerable | 2026-06-03 15:01:15.052455 |
Unauthenticated Buffer Overflow in Conftool Service Leading to Denial of Service
MEDIUM (5.3)
An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.
Published: 2025-07-21T09:31:04.713Z
Updated: 2025-11-03T19:59:05.914Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41678 |
vulnerable | 2026-06-03 15:01:15.051893 |
SQL Injection via POST Requests Allowing Configuration Database Manipulation
MEDIUM (6.5)
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement.
Published: 2025-07-21T09:30:44.484Z
Updated: 2025-11-03T19:59:04.559Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41677 |
vulnerable | 2026-06-03 15:01:15.051277 |
Resource Exhaustion via POST Requests to send-mail Action
MEDIUM (4.9)
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-mail action in fast succession.
Published: 2025-07-21T09:30:28.614Z
Updated: 2025-11-03T19:59:03.144Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41676 |
vulnerable | 2026-06-03 15:01:15.050736 |
Resource Exhaustion via POST Requests to send-sms Action
MEDIUM (4.9)
A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession.
Published: 2025-07-21T09:30:07.473Z
Updated: 2025-11-03T19:59:01.738Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41675 |
vulnerable | 2026-06-03 15:01:15.050011 |
Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization
HIGH (7.2)
A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command.
Published: 2025-07-21T09:29:57.024Z
Updated: 2025-11-03T19:59:00.344Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41674 |
vulnerable | 2026-06-03 15:01:15.049461 |
Remote Command Injection in diagnostic Action Due to Improper Input Neutralization
HIGH (7.2)
A high privileged remote attacker can execute arbitrary system commands via POST requests in the diagnostic action due to improper neutralization of special elements used in an OS command.
Published: 2025-07-21T09:29:43.181Z
Updated: 2025-11-03T19:58:58.776Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41673 |
vulnerable | 2026-06-03 15:01:15.047044 |
Remote Command Injection in send_sms Action Due to Improper Input Neutralization
HIGH (7.2)
A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.
Published: 2025-07-21T09:29:32.129Z
Updated: 2025-11-03T19:58:57.413Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5672 |
vulnerable | 2026-06-03 14:57:53.797385 |
Red Lion Europe: mbNET.mini vulnerable to OS command injection
HIGH (7.2)
A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command.
Published: 2024-07-03T12:26:44.599Z
Updated: 2025-02-13T17:54:25.437Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.