Unauthenticated HTTP Post Replay Vulnerability in Dingtian DT-R002 2CH Relay Devices

Unauthenticated HTTP Post Replay Vulnerability in Dingtian DT-R002 2CH Relay Devices

CVE-2022-29593 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.

Learn more about our Web Application Penetration Testing UK.