Sign-up

VARIoT IoT exploits database

Affected products: vendor, model and version
Type can be e.g: Remote Code Execution or Denial of Service
Look up free text in title and description

VAR-E-201711-0161 CVE-2017-16819
 Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201711-0621		 EDB ID: 43158
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting. CVE-2017-16819 . webapps exploit for Hardware platform
VAR-E-201711-0229 No CVE TP-Link TL-WR740N - Cross-Site Scripting - Hardware webapps Exploit EDB ID: 43148
TP-Link TL-WR740N - Cross-Site Scripting.. webapps exploit for Hardware platform
VAR-E-201711-0295 CVE-2017-12737
CVE-2017-12738
CVE-2017-12739
 Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution

Related entries in the VARIoT vulnerabilities database: VAR-201711-0761, VAR-201711-0759, VAR-201711-0760		 No EDB ID
Siemens SICAM RTUs SM-2556 COM modules (firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00) suffer from authentication bypass, code execution, and cross site scripting vulnerabilities.
VAR-E-201711-0123 CVE-2017-9675
 D-Link DIR-605L < 2.08 - Denial of Service - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201706-0669		 EDB ID: 43147
D-Link DIR-605L < 2.08 - Denial of Service. CVE-2017-9675 . dos exploit for Hardware platform
VAR-E-201710-0308 CVE-2017-12728
 SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-201710-1115		 No EDB ID
VAR-E-201710-0246 CVE-2017-14017
CVE-2017-14019
 Progea Movicon 11.5.1181 Search Path Issues Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-201710-0804, VAR-201710-0805		 No EDB ID
VAR-E-201710-0220 CVE-2016-10401
 ZyXEL PK5001Z Modem - Backdoor Account - Hardware remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201707-0041		 EDB ID: 43105
ZyXEL PK5001Z Modem - Backdoor Account. CVE-2016-10401 . remote exploit for Hardware platform
VAR-E-201710-0435 No CVE TP-Link WR940N - Authenticated Remote Code Exploit Exploit No EDB ID
VAR-E-201710-0493 No CVE Huawei HG255s - Server Directory Traversal Vulnerability No EDB ID
VAR-E-201710-0190 No CVE Huawei HG255s - Server Directory Traversal Vulnerability No EDB ID
VAR-E-201710-0438 No CVE Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit) - Hardware remote Exploit EDB ID: 43055
Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit).. remote exploit for Hardware platform
VAR-E-201710-0001 CVE-2017-13772
 TP-Link WDR4300 - Remote Code Execution (Authenticated) - Hardware remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1271		 EDB ID: 48994
TP-Link WDR4300 - Remote Code Execution (Authenticated). CVE-2017-13772 . remote exploit for Hardware platform
VAR-E-201710-0003 CVE-2017-13772
CVE-2021-26709
CVE-2019-1912
CVE-2019-1913
CVE-2019-1914
 Cisco Small Business 220 Series - Multiple Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-201908-1018, VAR-201908-1017, VAR-201908-1016, VAR-202104-1584, VAR-201710-1271		 EDB ID: 45541
VAR-E-201710-0002 CVE-2017-13772
 TP-Link WR940N - (Authenticated) Remote Code - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1271		 EDB ID: 43022
TP-Link WR940N - (Authenticated) Remote Code. CVE-2017-13772 . webapps exploit for Hardware platform
VAR-E-201710-0481 CVE-2017-13078
CVE-2017-13087
CVE-2017-13079
CVE-2017-13082
CVE-2017-13088
CVE-2017-13077
CVE-2017-13086
CVE-2017-13084
CVE-2017-13080
CVE-2017-13081
 WPA2 Key Reinstallation Multiple Security Weaknesses

Related entries in the VARIoT vulnerabilities database: VAR-201710-0213, VAR-201710-0975, VAR-201710-0974, VAR-201710-0214, VAR-201710-0212, VAR-201710-0209, VAR-201710-0208, VAR-201710-0211, VAR-201710-0206, VAR-201710-0207		 No EDB ID
WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. This may aid in further attacks.
VAR-E-201710-0391 No CVE UCOPIA Wireless Appliance 5.1 (Captive Portal) - Root Remote Code Execution Vulnerability No EDB ID
VAR-E-201710-0369 CVE-2017-14013
CVE-2017-14005
CVE-2017-14009
CVE-2017-14007
CVE-2017-14011
 MultiFLEX M10a Controller Multiple Security Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-201710-0800, VAR-201710-0799, VAR-201710-0801, VAR-201710-0802, VAR-201710-0803		 No EDB ID
MultiFLEX M10a Controller is prone to the following multiple security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. An information-disclosure vulnerability 3. A cross-site request-forgery vulnerability Exploiting these issues may allow a remote attacker to perform certain administrative actions, bypass certain security restrictions, gaining unauthorized access to the affected device and obtaining sensitive information; other attacks are also possible.
VAR-E-201710-0022 CVE-2017-15291
 TP-Link TL-MR3220 - Cross-Site Scripting - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1284		 EDB ID: 43023
TP-Link TL-MR3220 - Cross-Site Scripting. CVE-2017-15291 . webapps exploit for Hardware platform
VAR-E-201710-0359 No CVE UCOPIA Wireless Appliance 5.1 Code Execution No EDB ID
UCOPIA Wireless Appliance versions 5.1 and below suffer from a captive portal remote root code execution vulnerability.
VAR-E-201710-0367 No CVE UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution - Linux remote Exploit EDB ID: 42949
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution.. remote exploit for Linux platform