VARIoT IoT exploits database
| VAR-E-201304-0291 |
CVE-2013-1152 |
Cisco Adaptive Security Appliance CVE-2013-1152 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201304-0280 | No EDB ID |
Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to reload an affected device, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuc80080.
| VAR-E-201304-0228 |
CVE-2013-1151 |
Cisco Adaptive Security Appliance CVE-2013-1151 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201304-0279 | No EDB ID |
Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to reload an affected device, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuc72408.
| VAR-E-201304-0169 |
CVE-2013-1149 |
Multiple Cisco Products CVE-2013-1149 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201304-0282 | No EDB ID |
Multiple Cisco products are prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to reload an affected device, denying service to legitimate users.
This issue is being tracked by Cisco Bug IDs CSCub85692 and CSCud20267.
The following products are vulnerable:
Cisco Adaptive Security Appliance
Cisco Firewall Services Module (FWSM)
| VAR-E-201304-0011 |
CVE-2013-1150 |
Cisco Adaptive Security Appliance CVE-2013-1150 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201304-0283 | No EDB ID |
Cisco Adaptive Security Appliance (ASA) is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to reload an affected device, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCud16590.
| VAR-E-201304-0214 | No CVE | Netgear DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit) - Hardware remote Exploit | EDB ID: 24931 |
Netgear DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit). CVE-89985 . remote exploit for Hardware platform
| VAR-E-201304-0343 | No CVE | TP-Link TD-8817 Router Cross Site Request Forgery Vulnerability | No EDB ID |
TP-Link TD-8817 Router is prone to a cross-site request-forgery vulnerability.
Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device.
| VAR-E-201303-0236 | No CVE | Draytek Vigor 3900 1.06 - Privilege Escalation | No EDB ID |
| VAR-E-201303-0151 | No CVE | Draytek Vigor 3900 1.06 - Local Privilege Escalation - Hardware local Exploit | EDB ID: 24899 |
Draytek Vigor 3900 1.06 - Local Privilege Escalation. CVE-91811 . local exploit for Hardware platform
| VAR-E-201303-0550 | No CVE | Rosewill RSVA11001 - Remote Command Injection - Hardware remote Exploit | EDB ID: 24892 |
Rosewill RSVA11001 - Remote Command Injection. CVE-91630 . remote exploit for Hardware platform
| VAR-E-201303-0345 | No CVE | Rosewill RSVA11001 Remote Code Execution | No EDB ID |
Rosewill RSVA11001 Hi3515 suffers from a remote command execution vulnerability due to feeding unsanitized user-supplied data to ntpdate.
| VAR-E-201303-0347 | No CVE | Polycom HDX Privilege Escalation | No EDB ID |
The Polycom Command Shell can be used to view and also change several settings of the system. However it can also be used to get system-level access (i.e. root access) to the HDX system. The "printenv" and "setenv" commands can be used to read and write variables respectively which are stored in flash memory. Polycom HDX series versions prior to 3.1.1.2 are affected.
| VAR-E-201303-0509 | No CVE | Samsung TV 'SOAPACTION' Denial of Service Vulnerability | No EDB ID |
Samsung TV is prone to denial-of-service vulnerability.
Remote attackers can exploit this issue to cause the device to crash, denying service to legitimate users.
| VAR-E-201303-0485 |
CVE-2013-2271 |
D-Link DSL-2740B ADSL Router - Authentication Bypass - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201311-0061 | EDB ID: 24563 |
D-Link DSL-2740B ADSL Router - Authentication Bypass. CVE-2013-2271CVE-90822 . webapps exploit for Hardware platform
| VAR-E-201302-0148 |
CVE-2013-0108 |
Honeywell HSC Remote Deployer - ActiveX Remote Code Execution (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201302-0202 | EDB ID: 24745 |
Honeywell HSC Remote Deployer - ActiveX Remote Code Execution (Metasploit). CVE-2013-0108CVE-90583 . remote exploit for Windows platform
| VAR-E-201302-0595 | No CVE | Samsung Galaxy S3 Screen Lock Security Bypass Vulnerability | No EDB ID |
Samsung Galaxy S3 is prone to a security-bypass vulnerability due to a failure to restrict access to locked devices.
An attacker with physical access to a locked device can leverage this issue to bypass the lock screen and gain partial access to the device.
| VAR-E-201302-0230 | No CVE | Polycom HDX - Telnet Authentication Bypass (Metasploit) - Hardware remote Exploit | EDB ID: 24494 |
Polycom HDX - Telnet Authentication Bypass (Metasploit).. remote exploit for Hardware platform
| VAR-E-201302-0128 |
CVE-2012-4711 |
KingView - Log File Parsing Buffer Overflow (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201302-0034 | EDB ID: 24887 |
KingView - Log File Parsing Buffer Overflow (Metasploit). CVE-2012-4711CVE-89690 . remote exploit for Windows platform
| VAR-E-201302-0403 | No CVE | Schneider Electric Accutech Manager Heap Overflow | No EDB ID |
Schneider Electric Accutech Manager heap overflow proof of concept exploit.
| VAR-E-201302-0306 | No CVE | D-Link DIR-615 Multiple Remote Security Vulnerabilities | No EDB ID |
D-Link DIR-615 is prone to multiple security vulnerabilities, including:
1. A remote command-injection vulnerability
2. An information-disclosure vulnerability
3. A cross-site request-forgery vulnerability
Exploiting these issues could allow an attacker to disclose sensitive information, perform arbitrary actions, or execute arbitrary commands in the context of the affected device.
| VAR-E-201302-0093 |
CVE-2013-2678 CVE-2013-2679 CVE-2013-2682 CVE-2013-2680 CVE-2013-2681 CVE-2013-2683 CVE-2013-2684 |
Linksys E1500/E2500 - Multiple Vulnerabilities - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202002-0524, VAR-202002-0520, VAR-202002-0525, VAR-202002-0523, VAR-202002-0522, VAR-202002-0519, VAR-202002-0521 | EDB ID: 24475 |
Linksys E1500/E2500 - Multiple Vulnerabilities. CVE-89916CVE-89915CVE-89914CVE-89913CVE-89912CVE-89911CVE-2013-2678 . webapps exploit for Hardware platform