Several Helmholz products are vulnerable to a possible race condition vulnerability in OpenSSH named "regreSSHion".
There exists a vulnerability in all REX 100 devices with firmware <= 2.2.11 that allows an authenticated attacker to execute arbitrary system commands via GET requests.
Update: 03.07.2024 3:30pm
In section Reported by Sebastian Dietz (CyberDanube) was added.
A stored XXS vulnerability has been found in REX 200 and REX 250 in all versions before 7.3.2.
Two vulnerabilites have been discovered in myREX24 and myREX24.virtual in all versions through 2.13.3.
Multiple vulnerabilities have been found in myREX24 and myREX24.virtual.
An issue was discovered in myREX24 and myREX24.virtual in all versions through 2.11.2.
An issue was discovered in the myREX24 and myREX24-virtual software in all versions through V2.9.0.