CVE-2022-35264

Name of the Vulnerable Software and Affected Versions Robustel R1510 versions 3.1.16 through 3.3.0

Description A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this issue, which affects the /action/import aaa cert file/ API endpoint, using variables such as action and potentially others to exploit the vulnerability.

Recommendations For Robustel R1510 versions 3.1.16 through 3.3.0, as a temporary workaround, consider restricting access to the /action/import aaa cert file/ API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.