Helmholz Rex 100 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Helmholz Rex 100 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-45274 — CVSS 9.8 (critical): An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
CVE-2024-45275 — CVSS 9.8 (critical): The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of…
CVE-2024-45271 — CVSS 8.4 (high): An unauthenticated local attacker can gain admin privileges by deploying a config file due to improper input validation.
CVE-2024-45273 — CVSS 8.4 (high): An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of…
CVE-2024-45276 — CVSS 7.5 (high): An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication.