Multiple vulnerabilities have been discovered in REX100 allowing for RCE or unauthorized file access.
Multiple vulnerabilities have been discovered in Helmholz products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the myREX24 V2 and myREX24.virtual products, while CVE-2024-45273 affects the REX200/250, myREX24 V2, myREX24.virtual and REX300 products.
Several Helmholz products are vulnerable to a possible race condition vulnerability in OpenSSH named "regreSSHion".
There exists a vulnerability in all REX 100 devices with firmware <= 2.2.11 that allows an authenticated attacker to execute arbitrary system commands via GET requests.
Update: 03.07.2024 3:30pm
In section Reported by Sebastian Dietz (CyberDanube) was added.
A stored XXS vulnerability has been found in REX 200 and REX 250 in all versions before 7.3.2.
Two vulnerabilites have been discovered in myREX24 and myREX24.virtual in all versions through 2.13.3.
Multiple vulnerabilities have been found in myREX24 and myREX24.virtual.