VARIoT IoT exploits database

VAR-E-202209-0076 |
CVE-2021-4045 |
TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE) - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202203-0288 | EDB ID: 51017 |
TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE). CVE-2021-4045 . webapps exploit for Hardware platform
VAR-E-202208-0063 | No CVE | Fiberhome AN5506-02-B Cross Site Scripting | No EDB ID |
Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.
VAR-E-202205-0043 |
CVE-2022-1388 |
F5 BIG-IP 16.0.x - Remote Code Execution (RCE) - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202205-0394 | EDB ID: 50932 |
F5 BIG-IP 16.0.x - Remote Code Execution (RCE). CVE-2022-1388 . remote exploit for Multiple platform
VAR-E-202205-0091 | No CVE | Tenda HG6 v3.3.0 - Remote Command Injection - Hardware remote Exploit | EDB ID: 50916 |
Tenda HG6 v3.3.0 - Remote Command Injection.. remote exploit for Hardware platform
VAR-E-202203-0014 |
CVE-2022-24112 CVE-2020-13945 |
Apache APISIX 2.12.1 - Remote Code Execution (RCE) - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202012-0118, VAR-202202-0171 | EDB ID: 50829 |
Apache APISIX 2.12.1 - Remote Code Execution (RCE). CVE-2022-24112 . remote exploit for Multiple platform
VAR-E-202203-0029 |
CVE-2021-46387 |
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS) - Multiple webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202203-0913 | EDB ID: 50797 |
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (XSS). CVE-2021-46387 . webapps exploit for Multiple platform
VAR-E-202201-0135 |
CVE-2021-46559 | Moxa TN-5900 Firmware Upgrade Checksum Validation | No EDB ID |
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
VAR-E-202110-0176 | No CVE | Netgear Genie 2.4.64 Unquoted Service Path | No EDB ID |
Netgear Genie version 2.4.64 suffers from an unquoted service path vulnerability.
VAR-E-202110-0089 | No CVE | Netgear Genie 2.4.64 - Unquoted Service Path - Windows local Exploit | EDB ID: 50443 |
Netgear Genie 2.4.64 - Unquoted Service Path.. local exploit for Windows platform
VAR-E-202107-0038 | No CVE | Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated) - Hardware webapps Exploit | EDB ID: 50099 |
Netgear DGN2200v1 - Remote Command Execution (RCE) (Unauthenticated).. webapps exploit for Hardware platform
VAR-E-202106-0265 | No CVE | Netgear WNAP320 2.0.3 Remote Code Execution | No EDB ID |
Netgear WNAP320 version 2.0.3 suffers from an unauthenticated remote code execution vulnerability.
VAR-E-202106-0127 | No CVE | Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated) - Hardware webapps Exploit | EDB ID: 50069 |
Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated).. webapps exploit for Hardware platform
VAR-E-202106-0266 |
CVE-2020-35575 |
TP-Link TL-WR841N Command Injection
Related entries in the VARIoT vulnerabilities database: VAR-202012-1159 | No EDB ID |
TP-Link TL-WR841N suffers from a remote command injection vulnerability.
VAR-E-202106-0039 |
CVE-2020-35576 |
TP-Link TL-WR841N - Command Injection - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202101-0591 | EDB ID: 50058 |
TP-Link TL-WR841N - Command Injection. CVE-2020-35576 . webapps exploit for Hardware platform
VAR-E-202104-0026 |
CVE-2021-22986 | F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated) - Hardware webapps Exploit | EDB ID: 49738 |
F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated). CVE-2021-22986 . webapps exploit for Hardware platform
VAR-E-202103-0190 | No CVE | Sony Playstation 4 (PS4) < 7.55 - 'Jailbreak' Webkit / Kernel Loader 'SOCK_RAW' 'IP6_EXTHDR_CHECK' | EDB ID: 49664 |
VAR-E-202103-0099 | No CVE | Sony PlayStation 4 Jailbreaking Information | No EDB ID |
Sony Playstation 4 (PS4) versions prior to 7.55 webkit jailbreak exploit.
VAR-E-202101-0046 | No CVE | SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated) - Hardware webapps Exploit | EDB ID: 49499 |
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated).. webapps exploit for Hardware platform
VAR-E-202101-0080 |
CVE-2021-1167 |
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC) - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202101-0847 | EDB ID: 49425 |
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC). CVE-2021-1167 . webapps exploit for Hardware platform
VAR-E-202101-0202 | No CVE | FiberHome HG6245D Disclosure / Bypass / Privilege Escalation / DoS | No EDB ID |
FiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack overflow, and additional vulnerabilities. suffers from bypass, cross site scripting, denial of service, and privilege escalation vulnerabilities.