VARIoT IoT exploits database
| VAR-E-201207-0124 |
CVE-2012-3073 |
Cisco Multiple Products CVE-2012-3073 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201207-0174 | No EDB ID |
Multiple Cisco products are prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users.
The following Cisco products are vulnerable:
Cisco TelePresence Multipoint Switch
Cisco TelePresence Manager
Cisco TelePresence Recording Server
This issue is being tracked by the following Cisco Bug IDs:
CSCty11219
CSCty11299
CSCty11323
CSCty11338
CSCti21851
CSCtj19100
CSCtj19078
CSCti21830
| VAR-E-201206-1143 | No CVE | SpecView 2.5 Build 853 Directory Traversal | No EDB ID |
SpecView versions 2.5 build 853 and below suffer from a remote directory traversal vulnerability.
| VAR-E-201206-0434 |
CVE-2012-5972 |
specview 2.5 build 853 - Directory Traversal - Windows webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201301-0096 | EDB ID: 19455 |
specview 2.5 build 853 - Directory Traversal. CVE-83396CVE-2012-5972 . webapps exploit for Windows platform
| VAR-E-201206-0192 | No CVE | Kingview Network Based Buffer Overflow Vulnerability | No EDB ID |
Kingview is prone to a network-based buffer-overflow vulnerability.
Successful exploits may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Kingview 6.53 is vulnerable; other versions may also be affected.
| VAR-E-201206-0265 | No CVE | Huawei HG866 - Authentication Bypass - Hardware webapps Exploit | EDB ID: 19185 |
Huawei HG866 - Authentication Bypass. CVE-83117 . webapps exploit for Hardware platform
| VAR-E-201206-0548 | No CVE | Edimax IC-3030iWn - UDP Packet Password Information Disclosure - Hardware remote Exploit | EDB ID: 37405 |
Edimax IC-3030iWn - UDP Packet Password Information Disclosure.. remote exploit for Hardware platform
| VAR-E-201206-0488 |
CVE-2012-1493 |
F5 BIG-IP - Authentication Bypass (PoC) - Hardware dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201207-0327 | EDB ID: 19064 |
F5 BIG-IP - Authentication Bypass (PoC). CVE-82780CVE-2012-1493 . dos exploit for Hardware platform
| VAR-E-201206-0489 |
CVE-2012-1493 |
F5 BIG-IP - Authentication Bypass - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201207-0327 | EDB ID: 19091 |
F5 BIG-IP - Authentication Bypass. CVE-2012-1493CVE-82780 . remote exploit for Hardware platform
| VAR-E-201206-0487 |
CVE-2012-1493 |
F5 BIG-IP - SSH Private Key Exposure (Metasploit) - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201207-0327 | EDB ID: 19099 |
F5 BIG-IP - SSH Private Key Exposure (Metasploit). CVE-2012-1493CVE-82780 . remote exploit for Hardware platform
| VAR-E-201206-0992 |
CVE-2012-2598 CVE-2012-3003 CVE-2012-2597 CVE-2012-2596 CVE-2012-2595 |
Siemens WinCC Multiple Security Vulnerabilities
Related entries in the VARIoT vulnerabilities database: VAR-201206-0072, VAR-201206-0115, VAR-201206-0071, VAR-201206-0073, VAR-201206-0074 | No EDB ID |
Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities.
Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
| VAR-E-201206-0149 |
CVE-2012-3815 CVE-2012-4355 CVE-2012-4354 CVE-2012-4356 CVE-2012-4353 CVE-2012-4357 CVE-2012-4358 CVE-2012-4359 |
Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201208-0291, VAR-201208-0290, VAR-201208-0289, VAR-201208-0288, VAR-201208-0287, VAR-201208-0286, VAR-201208-0285, VAR-201206-0183 | EDB ID: 19409 |
Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities. CVE-83312CVE-83309CVE-83276CVE-83275CVE-2012-4357CVE-2012-4356CVE-2012-4355CVE-2012-4354CVE-2012-4353CVE-2012-3815 . dos exploit for Windows platform
| VAR-E-201206-0148 |
CVE-2012-3815 CVE-2012-4355 CVE-2012-4358 CVE-2012-4354 CVE-2012-4359 CVE-2012-4356 CVE-2012-4353 CVE-2012-4357 |
Sielco Sistemi Winlog 2.07.14 - Remote Buffer Overflow (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201208-0291, VAR-201208-0290, VAR-201208-0289, VAR-201208-0288, VAR-201208-0287, VAR-201208-0286, VAR-201208-0285, VAR-201206-0183 | EDB ID: 19025 |
Sielco Sistemi Winlog 2.07.14 - Remote Buffer Overflow (Metasploit). CVE-82778CVE-2012-3815CVE-82654 . remote exploit for Windows platform
| VAR-E-201205-0006 |
CVE-2012-2488 |
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201205-0146 | No EDB ID |
Cisco IOS XR Software is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause the route processor on an affected device to stop transmitting packets from the route processor CPU to the fabric, resulting in a denial-of-service condition.
This issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS).
| VAR-E-201205-0812 |
CVE-2012-3007 |
Wonderware SuiteLink Unallocated Unicode String Remote Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201207-0134 | No EDB ID |
Wonderware SuiteLink is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.
| VAR-E-201205-0160 | No CVE | Belkin N150 Wireless Router 'login.stm' Administrator Password Information Disclosure Vulnerability | No EDB ID |
Belkin N150 Wireless Router is prone to a password information-disclosure vulnerability.
Attackers can exploit this issue to gain access to the administrator's password. Successfully exploiting this issue may lead to other attacks.
Belkin N150 Wireless Router firmware version 1.00.22 is vulnerable; other versions may also be affected.
| VAR-E-201205-0556 | No CVE | Netgear WNDRMAC 1.0.0.22 Information Disclosure | No EDB ID |
Netgear WNDRMAC versions 1.0.0.22 and below suffer from a serial number disclosure vulnerability.
| VAR-E-201205-0813 | No CVE | Wonderware Archestra SuiteLink 'slssvc.exe' Remote Denial of Service Vulnerability | No EDB ID |
Wonderware Archestra SuiteLink is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users.
| VAR-E-201205-0124 |
CVE-2012-2765 | Belkin N150 Wireless Router - Password Disclosure - Hardware webapps Exploit | EDB ID: 18859 |
Belkin N150 Wireless Router - Password Disclosure. CVE-73243CVE-2012-2765 . webapps exploit for Hardware platform
| VAR-E-201205-0174 |
CVE-2012-1990 |
Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection - PHP webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201205-0119 | EDB ID: 37137 |
Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection. CVE-2012-1990CVE-81788 . webapps exploit for PHP platform
| VAR-E-201205-0771 | No CVE | Mikrotik Router Denial Of Service | No EDB ID |
Mikrotik Router suffers from a denial of service vulnerability.