PT-2022-22672 · Robustel · Robustel R1510

Francesco Benvenuto · Published 2022-10-25 · Updated 2023-02-24 · CVE-2022-35269

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Robustel R1510 versions 3.1.16 through 3.3.0

Description

A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this issue. The /action/import_e2c_json_file/ API endpoint is affected.

Recommendations

For versions 3.1.16 and 3.3.0, consider disabling access to the /action/import_e2c_json_file/ API endpoint as a temporary workaround until a patch is available. Restricting the hashFirst functionality in the web server may also help minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2022-35269

Affected Products

Robustel R1510