VARIoT IoT exploits database

VAR-E-201210-0457	CVE-2012-4661	Multiple Cisco Products CVE-2012-4661 Buffer Overflow Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201210-0130	No EDB ID

Multiple Cisco products are prone to a buffer-overflow vulnerability. This issue is being tracked by Cisco Bug ID CSCtr21359. Attackers can exploit this issue to execute arbitrary command within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. The following products are affected: Cisco Firewall Services Module (FWSM) Cisco ASA 5500 Series Adaptive Security Appliances Cisco Catalyst 6500 Series ASA Services Module

VAR-E-201210-0121	CVE-2012-4663 CVE-2012-4662	Multiple Cisco Products Multiple Remote Denial of Service Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201210-0125, VAR-201210-0126	No EDB ID

Multiple Cisco products are prone to multiple remote denial-of-service vulnerabilities. These issues are being tracked by Cisco Bug IDs: CSCtr21346, CSCtr21376, CSCtr27521 and CSCtr27524. Successful exploit of these issues to cause the affected device to crash and reload, denying service to legitimate users. The following products are affected: Cisco Firewall Services Module (FWSM) Cisco ASA 5500 Series Adaptive Security Appliances Cisco Catalyst 6500 Series ASA Services Module

VAR-E-201210-0423	No CVE	TP-LINK TD-W8151N Cross Site Request Forgery	No EDB ID

TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.

VAR-E-201209-0720	CVE-2012-3949	Cisco IOS and Unified Communications Manager (CVE-2012-3949) Denial of Service Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201209-0399	No EDB ID

Cisco IOS and Unified Communications Manager are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug IDs CSCtj33003, CSCtw84664, and CSCtw66721.

VAR-E-201209-0106	CVE-2012-4623	Cisco IOS DHCP Version 6 Server CVE-2012-4623 Denial of Service Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201209-0193	No EDB ID

Cisco IOS is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCto57723.

VAR-E-201209-0574	No CVE	TP-LINK TL-WR340G Denial Of Service	No EDB ID

The TP-LINK TL-WR340G SOHO router version 4.7.11 suffers from a malformed packet denial of service vulnerability.

VAR-E-201208-0500	No CVE	GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability	No EDB ID

Proficy Historian is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the process.

VAR-E-201208-0786	CVE-2012-3517 CVE-2012-3519 CVE-2012-3518	Tor Multiple Security Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201208-0157, VAR-201208-0159, VAR-201208-0158	No EDB ID

Tor is prone to multiple remote vulnerabilities, including: 1. Multiple denial-of-service vulnerabilities. 2. An information-disclosure vulnerability. 3. An out-of-bounds memory-access vulnerability. Attackers can exploit theses issues to crash the affected application, cause denial-of service conditions, or retrieve potentially sensitive information.

VAR-E-201208-0185	No CVE	Samsung Galaxy S2 World Writeable Directories	No EDB ID

Some system directories on the Samsung Galaxy S2 for Sprint-US (Epic 4G Touch) are world-writable and allow for information disclosure, modification, and may lead to local root compromise of the device.

VAR-E-201208-0143	No CVE	SAP Netweaver 'SAPHostControl' Service Remote Code Execution Vulnerability	No EDB ID

SAP Netweaver is prone to a remote code-execution vulnerability. An attacker may leverage this issue to execute arbitrary script code with administrator user rights in context of the affected application. This may allow an attacker to take complete control of the system. SAP NetWeaver 7.02 is vulnerable; other versions may also be affected.

VAR-E-201208-0356	CVE-2012-1535	Adobe Flash Player 11.3 - Font Parsing Code Execution (Metasploit) - Windows remote Exploit Related entries in the VARIoT vulnerabilities database: VAR-201208-0526	EDB ID: 20624

Adobe Flash Player 11.3 - Font Parsing Code Execution (Metasploit). CVE-2012-1535CVE-84607 . remote exploit for Windows platform

VAR-E-201208-0950	CVE-2012-1357	Multiple Cisco Nexus Devices CVE-2012-1357 Remote Denial of Service Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201208-0702	No EDB ID

Multiple Cisco Nexus devices are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the device to crash, denying service to legitimate users. The following devices are affected: Cisco Nexus 2000 Cisco Nexus 5000 This issue is documented by CSCts46521.

VAR-E-201207-0679	CVE-2012-3018	Iconics GENESIS32 and BizViz Local Authentication Bypass Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201207-0139	No EDB ID

Iconics GENESIS32 and BizViz are prone to a local authentication-bypass vulnerability. A local attacker can exploit this issue to bypass authentication methods and gain unauthorized administrative access in the Security Configurator. Successful exploits may lead to other attacks. Iconics GENESIS32 and BizViz versions 9.22 and prior are vulnerable.

VAR-E-201207-0292	CVE-2012-4899	WellinTech KingView Backdoor Unauthorized Access Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201210-0353	No EDB ID

WellinTech KingView is prone to an unauthorized-access vulnerability due to a backdoor in all versions of the application. Attackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks.

VAR-E-201207-0004	CVE-2013-1594 CVE-2013-1597 CVE-2013-1595 CVE-2013-1596 CVE-2013-1598	Vivotek IP Cameras - Multiple Vulnerabilities - Hardware webapps Exploit Related entries in the VARIoT vulnerabilities database: VAR-202001-0837, VAR-202001-0836, VAR-202001-0838, VAR-202001-0834, VAR-202001-0835	EDB ID: 25139

Vivotek IP Cameras - Multiple Vulnerabilities. CVE-2013-1598CVE-2013-1597CVE-2013-1596CVE-2013-1595CVE-2013-1594CVE-92877CVE-92876CVE-92875CVE-92874CVE-92873 . webapps exploit for Hardware platform

VAR-E-201207-0043	No CVE	Siemens Simatic S7-300/400 - CPU START/STOP Module (Metasploit) - Hardware remote Exploit	EDB ID: 19831

Siemens Simatic S7-300/400 - CPU START/STOP Module (Metasploit). CVE-72870 . remote exploit for Hardware platform

VAR-E-201207-0044	No CVE	Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit) - Hardware remote Exploit	EDB ID: 19832

Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit). CVE-73645 . remote exploit for Hardware platform

VAR-E-201207-0042	No CVE	Siemens Simatic S7-1200 - CPU START/STOP Module (Metasploit) - Hardware remote Exploit	EDB ID: 19833

Siemens Simatic S7-1200 - CPU START/STOP Module (Metasploit). CVE-72870 . remote exploit for Hardware platform

VAR-E-201207-0024	CVE-2012-5687	TP-Link Gateway 3.12.4 - Multiple Vulnerabilities - Hardware webapps Exploit Related entries in the VARIoT vulnerabilities database: VAR-201211-0400	EDB ID: 19774

TP-Link Gateway 3.12.4 - Multiple Vulnerabilities. CVE-90262CVE-84906CVE-84905 . webapps exploit for Hardware platform

VAR-E-201207-0299	CVE-2012-3076	Cisco TelePresence Recording Server Web Interface Remote Command Injection Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201207-0177	No EDB ID

Cisco TelePresence Recording Server is prone to a remote command-injection vulnerability. Successful exploits will result in the execution of arbitrary attacker-supplied commands in the context of the root user. This may facilitate a complete compromise. This issue is being tracked by Cisco bug ID CSCti21830.