Sign-up

VARIoT IoT exploits database

Affected products: vendor, model and version
Type can be e.g: Remote Code Execution or Denial of Service
Look up free text in title and description

VAR-E-202403-0059 No CVE TP-Link TL-WR740N Buffer Overflow / Denial Of Service No EDB ID
There exists a buffer overflow vulnerability in the TP-Link TL-WR740 router that can allow an attacker to crash the web server running on the router by sending a crafted request.
VAR-E-202403-0094 No CVE TP-Link TL-WR740N - Buffer Overflow 'DOS' - Hardware webapps Exploit EDB ID: 51866
TP-Link TL-WR740N - Buffer Overflow 'DOS'.. webapps exploit for Hardware platform
VAR-E-202402-0089 No CVE TP-LINK TL-WR740N - Multiple HTML Injection - Hardware webapps Exploit EDB ID: 51769
TP-LINK TL-WR740N - Multiple HTML Injection.. webapps exploit for Hardware platform
VAR-E-202307-0298 No CVE TP-Link TL-WR740N Directory Traversal No EDB ID
TP-Link TL-WR740N suffers from a directory traversal vulnerability.
VAR-E-202307-0194 No CVE TP-Link TL-WR740N - Authenticated Directory Transversal - Hardware webapps Exploit EDB ID: 51606
TP-Link TL-WR740N - Authenticated Directory Transversal.. webapps exploit for Hardware platform
VAR-E-202307-0292 CVE-2023-36355
 TP-Link TL-WR940N V4 - Buffer OverFlow - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202306-1898		 EDB ID: 51561
TP-Link TL-WR940N V4 - Buffer OverFlow. CVE-2023-36355 . dos exploit for Hardware platform
VAR-E-202306-0259 No CVE Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle No EDB ID
Polycom BToE Connector version 4.4.0.0 suffers from remote buffer overflow and man-in-the-middle vulnerabilities.
VAR-E-202305-0084 No CVE Trend Micro OfficeScan Client 10.0 Local Privilege Escalation No EDB ID
Trend Micro OfficeScan Client version 10.0 suffers from an ACL service related local privilege escalation vulnerability.
VAR-E-202305-0344 No CVE Trend Micro OfficeScan Client 10.0 - ACL Service LPE - Windows local Exploit EDB ID: 51453
Trend Micro OfficeScan Client 10.0 - ACL Service LPE.. local exploit for Windows platform
VAR-E-202304-0282 CVE-2022-46552
 D-Link DIR-846 - Remote Command Execution (RCE) vulnerability - Hardware remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202302-0131		 EDB ID: 51243
D-Link DIR-846 - Remote Command Execution (RCE) vulnerability. CVE-2022-46552 . remote exploit for Hardware platform
VAR-E-202303-0355 No CVE D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution - Hardware remote Exploit EDB ID: 51046
D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution.. remote exploit for Hardware platform
VAR-E-202209-0076 CVE-2021-4045
 TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE) - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202203-0288		 EDB ID: 51017
TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE). CVE-2021-4045 . webapps exploit for Hardware platform
VAR-E-202208-0063 No CVE Fiberhome AN5506-02-B Cross Site Scripting No EDB ID
Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.
VAR-E-202205-0043 CVE-2022-1388
 F5 BIG-IP 16.0.x - Remote Code Execution (RCE) - Multiple remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394		 EDB ID: 50932
F5 BIG-IP 16.0.x - Remote Code Execution (RCE). CVE-2022-1388 . remote exploit for Multiple platform
VAR-E-202205-0091 No CVE Tenda HG6 v3.3.0 - Remote Command Injection - Hardware remote Exploit EDB ID: 50916
Tenda HG6 v3.3.0 - Remote Command Injection.. remote exploit for Hardware platform
VAR-E-202203-0014 CVE-2022-24112
CVE-2020-13945
 Apache APISIX 2.12.1 - Remote Code Execution (RCE) - Multiple remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202012-0118, VAR-202202-0171		 EDB ID: 50829
Apache APISIX 2.12.1 - Remote Code Execution (RCE). CVE-2022-24112 . remote exploit for Multiple platform
VAR-E-202203-0029 CVE-2021-46387
 Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS) - Multiple webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202203-0913		 EDB ID: 50797
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS). CVE-2021-46387 . webapps exploit for Multiple platform
VAR-E-202201-0135 CVE-2021-46559
 Moxa TN-5900 Firmware Upgrade Checksum Validation

Related entries in the VARIoT vulnerabilities database: VAR-202201-1815		 No EDB ID
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
VAR-E-202110-0176 No CVE Netgear Genie 2.4.64 Unquoted Service Path No EDB ID
Netgear Genie version 2.4.64 suffers from an unquoted service path vulnerability.
VAR-E-202110-0089 No CVE Netgear Genie 2.4.64 - Unquoted Service Path - Windows local Exploit EDB ID: 50443
Netgear Genie 2.4.64 - Unquoted Service Path.. local exploit for Windows platform