Sign-up

VARIoT IoT exploits database

Affected products: vendor, model and version
Type can be e.g: Remote Code Execution or Denial of Service
Look up free text in title and description

VAR-E-201710-0640 CVE-2017-14493
CVE-2017-14494
CVE-2017-14495
CVE-2017-14492
CVE-2017-14496
CVE-2017-14491
CVE-2017-13704
 Dnsmasq < 2.78 - Stack Overflow - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42943
Dnsmasq < 2.78 - Stack Overflow. CVE-2017-14493 . dos exploit for Multiple platform
VAR-E-201710-0644 CVE-2017-14492
CVE-2017-14494
CVE-2017-14495
CVE-2017-14493
CVE-2017-14496
CVE-2017-14491
CVE-2017-13704
 Dnsmasq < 2.78 - Heap Overflow - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42942
Dnsmasq < 2.78 - Heap Overflow. CVE-2017-14492 . dos exploit for Multiple platform
VAR-E-201710-0038 CVE-2017-14494
CVE-2017-14495
CVE-2017-14493
CVE-2017-14492
CVE-2017-14496
CVE-2017-14491
CVE-2017-13704
 Dnsmasq < 2.78 - Information Leak - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42944
Dnsmasq < 2.78 - Information Leak. CVE-2017-14494 . dos exploit for Multiple platform
VAR-E-201710-0035 CVE-2017-14496
CVE-2017-14494
CVE-2017-14495
CVE-2017-14493
CVE-2017-14492
CVE-2017-14491
CVE-2017-13704
 Dnsmasq < 2.78 - Integer Underflow - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42946
Dnsmasq < 2.78 - Integer Underflow. CVE-2017-14496 . dos exploit for Multiple platform
VAR-E-201710-0037 CVE-2017-14495
CVE-2017-14494
CVE-2017-14493
CVE-2017-14492
CVE-2017-14496
CVE-2017-14491
CVE-2017-13704
 Dnsmasq < 2.78 - Lack of free() Denial of Service - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42945
Dnsmasq < 2.78 - Lack of free() Denial of Service. CVE-2017-14495 . dos exploit for Multiple platform
VAR-E-201710-0645 CVE-2017-14491
CVE-2017-14494
CVE-2017-14495
CVE-2017-14493
CVE-2017-14492
CVE-2017-14496
CVE-2017-13704
 Dnsmasq < 2.78 - 2-byte Heap Overflow - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-1433, VAR-201710-1267, VAR-201710-0452, VAR-201710-0451, VAR-201710-0450, VAR-201710-0449, VAR-201710-0448		 EDB ID: 42941
Dnsmasq < 2.78 - 2-byte Heap Overflow. CVE-2017-14491 . dos exploit for Multiple platform
VAR-E-201709-0048 CVE-2017-11322
 UCOPIA Wireless Appliance < 5.1.8 - Local Privilege Escalation - Linux local Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-0916		 EDB ID: 42936
UCOPIA Wireless Appliance < 5.1.8 - Local Privilege Escalation. CVE-2017-11322 . local exploit for Linux platform
VAR-E-201709-0008 CVE-2017-11321
 UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape - Linux local Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201710-0915		 EDB ID: 42937
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape. CVE-2017-11321 . local exploit for Linux platform
VAR-E-201709-0049 CVE-2017-14743
 Faleemi FSC-880 CSRF / SQL Injection / Command Execution

Related entries in the VARIoT vulnerabilities database: VAR-201709-0746		 No EDB ID
Faleemi FSC-880 suffers from command execution, cross site request forgery, remote SQL injection, and various other vulnerabilities.
VAR-E-201709-0158 No CVE Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution - Hardware webapps Exploit EDB ID: 42956
Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution.. webapps exploit for Hardware platform
VAR-E-201709-0259 CVE-2017-11120
CVE-2017-11121
 Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response - iOS remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201709-0971, VAR-201709-0970		 EDB ID: 42784
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response. CVE-2017-11120 . remote exploit for iOS platform
VAR-E-201709-0469 No CVE D-Link DGS-3000-10TC Cross Site Scripting / Content Spoofing No EDB ID
D-Link DGS-3000-10TC suffers from cross site scripting and content spoofing vulnerabilities.
VAR-E-201709-0120 CVE-2014-0780
 Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit) - Windows webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201404-0551		 EDB ID: 42699
Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit). CVE-2014-0780 . webapps exploit for Windows platform
VAR-E-201709-0061 CVE-2016-8377
 Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit) - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201702-1073		 EDB ID: 42700
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit). CVE-2016-8377 . remote exploit for Windows platform
VAR-E-201709-0549 No CVE Huawei HG255s - Directory Traversal Vulnerability No EDB ID
VAR-E-201709-0153 No CVE Huawei HG255s Directory Traversal No EDB ID
Huawei HG255s suffers from a directory traversal vulnerability.
VAR-E-201709-0529 No CVE Huawei HG255s - Directory Traversal - Hardware webapps Exploit EDB ID: 42634
Huawei HG255s - Directory Traversal.. webapps exploit for Hardware platform
VAR-E-201709-0429 CVE-2017-13771
 Lexmark Scan To Network (SNF) 3.2.9 Information Disclosure

Related entries in the VARIoT vulnerabilities database: VAR-201709-1053		 No EDB ID
Lexmark Scan to Network (SNF) printer application versions 3.2.9 and below suffer from a credential disclosure vulnerability.
VAR-E-201708-0093 CVE-2017-12943
 D-Link DIR-600 - Authentication Bypass - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201708-1159		 EDB ID: 42581
D-Link DIR-600 - Authentication Bypass. CVE-2017-12943 . webapps exploit for Hardware platform
VAR-E-201708-0289 CVE-2017-12592
 ASUS DSL-N10S Router CVE-2017-12592 Privilege Escalation Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-201708-0883		 No EDB ID
ASUS DSL-N10S Router is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain admin privileges and perform unauthorized actions.