Sign-up

VARIoT IoT exploits database

Affected products: vendor, model and version
Type can be e.g: Remote Code Execution or Denial of Service
Look up free text in title and description

VAR-E-201309-0195 CVE-2013-6128
CVE-2013-6127
 KingView 6.53 - 'KChartXY' ActiveX File Creation / Overwrite - Windows local Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201310-0404, VAR-201310-0626		 EDB ID: 28085
KingView 6.53 - 'KChartXY' ActiveX File Creation / Overwrite. CVE-97014CVE-2013-6128 . local exploit for Windows platform
VAR-E-201309-0194 CVE-2013-6127
CVE-2013-6128
 KingView 6.53 - 'SuperGrid' Insecure ActiveX Control - Windows local Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201310-0404, VAR-201310-0626		 EDB ID: 28084
KingView 6.53 - 'SuperGrid' Insecure ActiveX Control. CVE-97015CVE-2013-6127 . local exploit for Windows platform
VAR-E-201309-0389 No CVE TP-Link TD-W8951ND - Multiple Vulnerabilities No EDB ID
VAR-E-201309-0484 No CVE TP-Link TD-W8951ND - Multiple Vulnerabilities - Hardware webapps Exploit EDB ID: 28055
TP-Link TD-W8951ND - Multiple Vulnerabilities. CVE-96928CVE-96927CVE-96926CVE-96925 . webapps exploit for Hardware platform
VAR-E-201308-0442 No CVE TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting No EDB ID
TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Release 30923 suffers from cross site request forgery and cross site scripting vulnerabilities.
VAR-E-201308-0403 CVE-2013-3607
 Supermicro IPMI Web Interface Multiple Stack-Based Buffer Overflow Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-201309-0235		 No EDB ID
Supermicro IPMI is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code in the context of the device that uses the affected interface. Failed exploit attempts will likely crash the device.
VAR-E-201308-0523 No CVE TP-LINK TD-W8951ND Router Cross Site Scripting and Cross Site Request Forgery Vulnerabilities No EDB ID
TP-LINK TD-W8951ND router is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions, and disclose or modify sensitive information. Other attacks may also be possible. TP-Link TD-W8951ND running firmware 4.0.0 Build 120607.Rel.30923 is vulnerable; other versions may also be affected.
VAR-E-201308-0256 CVE-2013-4980
CVE-2013-4982
CVE-2013-4981
 AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201912-1604, VAR-201403-0124, VAR-201403-0123		 EDB ID: 27942
AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities. CVE-2013-4982CVE-2013-4981CVE-2013-4980CVE-96698CVE-96693CVE-96692 . dos exploit for Hardware platform
VAR-E-201308-0138 CVE-2013-4775
CVE-2013-4776
 Netgear ProSafe - Information Disclosure - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201312-0126, VAR-201312-0127		 EDB ID: 27774
Netgear ProSafe - Information Disclosure. CVE-2013-4775CVE-96476 . webapps exploit for Hardware platform
VAR-E-201308-0457 CVE-2013-3585
CVE-2013-3586
 Samsung DVR Firmware 1.10 - Authentication Bypass - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201308-0209, VAR-201308-0208		 EDB ID: 27753
Samsung DVR Firmware 1.10 - Authentication Bypass. CVE-2013-3586CVE-2013-3585CVE-96510CVE-96509 . webapps exploit for Hardware platform
VAR-E-201308-0137 CVE-2013-4776
CVE-2013-4775
 Netgear ProSafe - Denial of Service - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201312-0126, VAR-201312-0127		 EDB ID: 27775
Netgear ProSafe - Denial of Service. CVE-2013-4776CVE-96477 . dos exploit for Hardware platform
VAR-E-201308-0077 No CVE Samsung DVR Firmware 1.10 - Authentication Bypass Vulnerability No EDB ID
VAR-E-201308-0005 No CVE Samsung DVR Multiple Access Bypass Vulnerabilities No EDB ID
Samsung DVR is prone to multiple access-bypass vulnerabilities. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Samsung DVR firmware version 1.10 and prior are vulnerable.
VAR-E-201308-0191 No CVE Cogent DataHub - HTTP Server Buffer Overflow (Metasploit) - Windows remote Exploit EDB ID: 27704
Cogent DataHub - HTTP Server Buffer Overflow (Metasploit). CVE-95819 . remote exploit for Windows platform
VAR-E-201308-0128 CVE-2013-0526
 IBM 1754 GCM 1.18.0.22011 - Remote Command Execution - Hardware remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201308-0129		 EDB ID: 27706
IBM 1754 GCM 1.18.0.22011 - Remote Command Execution. CVE-2013-0526CVE-96389 . remote exploit for Hardware platform
VAR-E-201308-0464 No CVE D-Link DIR-645 1.03B08 - Multiple Vulnerabilities No EDB ID
VAR-E-201308-0563 No CVE D-Link DIR-645 Buffer Overflow / Cross Site Scripting No EDB ID
D-Link DIR-645 devices suffer from buffer overflow and cross site scripting vulnerabilities.
VAR-E-201308-0274 CVE-2013-7389
 D-Link DIR-645 1.03B08 - Multiple Vulnerabilities - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201407-0318		 EDB ID: 27283
D-Link DIR-645 1.03B08 - Multiple Vulnerabilities. CVE-95953CVE-95952CVE-95951CVE-95950CVE-95949CVE-95910CVE-2013-7389 . webapps exploit for Hardware platform
VAR-E-201308-0135 CVE-2013-4861
CVE-2013-4863
CVE-2013-4862
CVE-2013-4865
CVE-2013-4864
CVE-2016-6255
 MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202001-1147, VAR-202001-1149, VAR-202001-1148, VAR-202001-1150		 EDB ID: 27286
MiCasaVerde VeraLite 1.5.408 - Multiple Vulnerabilities. CVE-2013-4865CVE-2013-4864CVE-2013-4863CVE-2013-4862CVE-2013-4861CVE-96050CVE-96049CVE-96048CVE-96047CVE-96046 . webapps exploit for Hardware platform
VAR-E-201308-0216 CVE-2013-4859
 INSTEON Hub 2242-222 - Lack of Web and API Authentication - Hardware webapps Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201912-1592		 EDB ID: 27284
INSTEON Hub 2242-222 - Lack of Web and API Authentication. CVE-2013-4859CVE-95927 . webapps exploit for Hardware platform