VARIoT IoT exploits database

Affected products: vendor, model and version
Type can be e.g: Remote Code Execution or Denial of Service
Look up free text in title and description

VAR-E-202104-0026 CVE-2021-22986
F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated) - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202103-0654
EDB ID: 49738
F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated). CVE-2021-22986 . webapps exploit for Hardware platform
VAR-E-202103-0190 No CVE Sony Playstation 4 (PS4) < 7.55 - 'Jailbreak' Webkit / Kernel Loader 'SOCK_RAW' 'IP6_EXTHDR_CHECK' EDB ID: 49664
VAR-E-202103-0099 No CVE Sony PlayStation 4 Jailbreaking Information No EDB ID
Sony Playstation 4 (PS4) versions prior to 7.55 webkit jailbreak exploit.
VAR-E-202101-0046 No CVE SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated) - Hardware webapps Exploit EDB ID: 49499
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated).. webapps exploit for Hardware platform
VAR-E-202101-0080 CVE-2021-1167
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC) - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202101-0847
EDB ID: 49425
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC). CVE-2021-1167 . webapps exploit for Hardware platform
VAR-E-202101-0202 No CVE FiberHome HG6245D Disclosure / Bypass / Privilege Escalation / DoS No EDB ID
FiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack overflow, and additional vulnerabilities. suffers from bypass, cross site scripting, denial of service, and privilege escalation vulnerabilities.
VAR-E-202101-0084 CVE-2020-17519
Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit) - Java webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202101-0146
EDB ID: 49398
Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit). CVE-2020-17519 . webapps exploit for Java platform
VAR-E-202012-0027 CVE-2018-7580
Philips Hue Denial Of Service

Related entries in the VARIoT vulnerabilities database: VAR-202012-1268
No EDB ID
Philips Hue hubs suffer from a denial of service vulnerability via simple SYN floods.
VAR-E-202012-0353 No CVE Linksys RE6500 1.0.11.001 Remote Code Execution No EDB ID
Linksys RE6500 version 1.0.11.001 unauthenticated remote code execution exploit.
VAR-E-202012-0228 No CVE Linksys RE6500 1.0.11.001 - Unauthenticated RCE - Hardware webapps Exploit EDB ID: 49270
Linksys RE6500 1.0.11.001 - Unauthenticated RCE.. webapps exploit for Hardware platform
VAR-E-202012-0227 No CVE Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC) - Hardware webapps Exploit EDB ID: 49309
Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC).. webapps exploit for Hardware platform
VAR-E-202012-0099 No CVE Eaton Intelligent Power Manager 1.6 - Directory Traversal EDB ID: 48614
VAR-E-202011-0147 No CVE VTiger v7.0 CRM - 'To' Persistent XSS - PHP webapps Exploit EDB ID: 49090
VTiger v7.0 CRM - 'To' Persistent XSS.. webapps exploit for PHP platform
VAR-E-202011-0061 No CVE Vtiger CRM 7.0 Cross Site Scripting No EDB ID
Vtiger CRM version 7.0 suffers from a persistent cross site scripting vulnerability.
VAR-E-202011-0163 No CVE Cisco 7937G Denial Of Service / Privilege Escalation No EDB ID
Cisco 7937G suffers from denial of service and privilege escalation vulnerabilities.
VAR-E-202011-0110 No CVE Cisco 7937G - DoS/Privilege Escalation - Hardware remote Exploit EDB ID: 49057
Cisco 7937G - DoS/Privilege Escalation.. remote exploit for Hardware platform
VAR-E-202011-0179 CVE-2018-9285
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit) - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201804-1341
EDB ID: 49036
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit).. webapps exploit for Hardware platform
VAR-E-202011-0048 No CVE Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC) - Hardware webapps Exploit EDB ID: 49308
Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC).. webapps exploit for Hardware platform
VAR-E-202011-0011 CVE-2020-25015
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202009-0727
EDB ID: 49000
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF. CVE-2020-25015 . webapps exploit for Hardware platform
VAR-E-202011-0114 No CVE Apache Flink 1.9.x - File Upload RCE (Unauthenticated) - Java webapps Exploit EDB ID: 48978
Apache Flink 1.9.x - File Upload RCE (Unauthenticated).. webapps exploit for Java platform