VARIoT IoT exploits database
| VAR-E-201112-0114 | No CVE | Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection - Hardware remote Exploit | EDB ID: 36475 |
Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection.. remote exploit for Hardware platform
| VAR-E-201112-0064 | No CVE | HTC Touch2 T3333 Memory Corruption | No EDB ID |
HTCVideoPlayer is the default media player of HTC Windows Mobile devices. This media player is prone to a memory corruption vulnerability while parsing stbl atom of 3g2 video format.
| VAR-E-201108-0001 |
CVE-2014-5329 CVE-2011-3192 CVE-2013-2465 CVE-2012-0507 CVE-2011-4885 CVE-2011-5035 |
Apache - Denial of Service - Linux dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0123, VAR-201306-0242, VAR-201108-0132 | EDB ID: 18221 |
Apache - Denial of Service. CVE-2014-5329CVE-74721CVE-2011-3192 . dos exploit for Linux platform
| VAR-E-201112-0029 | No CVE | HTC Touch2 T3333 HTCVideoPlayer Memory Corruption Vulnerability | No EDB ID |
HTCVideoPlayer is prone to a memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
| VAR-E-201112-0030 |
CVE-2011-4836 CVE-2011-4837 CVE-2011-4835 |
HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0237, VAR-201112-0238, VAR-201112-0239 | EDB ID: 36429 |
HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting. CVE-2011-4836CVE-77588 . remote exploit for Hardware platform
| VAR-E-201112-0378 | No CVE | D-Link DNS-320 ShareCenter - Remote Reboot/Shutdown/Reset (Denial of Service) - Hardware dos Exploit | EDB ID: 18199 |
D-Link DNS-320 ShareCenter - Remote Reboot/Shutdown/Reset (Denial of Service). CVE-77573 . dos exploit for Hardware platform
| VAR-E-201112-0117 | No CVE | D-Link ShareCenter Remote Code Execution | No EDB ID |
This advisory expands on a previously known authentication bypass issue in D-Link ShareCenter products. It documents how the vulnerability can also be leveraged to execute arbitrary commands.
| VAR-E-201111-0049 | No CVE | CTEK SkyRouter 4200 / 4300 Command Execution | No EDB ID |
This Metasploit module exploits an unauthenticated remote root vulnerability within CTEK SkyRouter versions 4200 and 4300.
| VAR-E-201111-0297 |
CVE-2011-5010 |
CTEK SkyRouter 4200/4300 - Command Execution (Metasploit) - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0100 | EDB ID: 18172 |
CTEK SkyRouter 4200/4300 - Command Execution (Metasploit). CVE-2011-5010CVE-77497 . remote exploit for Hardware platform
| VAR-E-201003-0017 |
CVE-2011-3544 CVE-2013-2465 |
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit) - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201306-0242 | EDB ID: 18171 |
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit). CVE-2011-3544CVE-76500 . remote exploit for Multiple platform
| VAR-E-201111-0599 |
CVE-2011-3544 CVE-2013-2465 |
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit) - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201306-0242 | EDB ID: 18171 |
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit). CVE-2011-3544CVE-76500 . remote exploit for Multiple platform
| VAR-E-201111-0009 |
CVE-2011-5007 CVE-2011-5009 CVE-2011-5008 |
CoDeSys SCADA 2.3 - WebServer Stack Buffer Overflow (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0099, VAR-201112-0098, VAR-201112-0097 | EDB ID: 18240 |
CoDeSys SCADA 2.3 - WebServer Stack Buffer Overflow (Metasploit). CVE-2011-5007CVE-77387 . remote exploit for Windows platform
| VAR-E-201111-0007 |
CVE-2011-5009 CVE-2011-5007 CVE-2011-5008 |
CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service - Multiple dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0099, VAR-201112-0098, VAR-201112-0097 | EDB ID: 36377 |
CoDeSys 3.4 - POST Null Pointer Content-Length Parsing Remote Denial of Service. CVE-2011-5009CVE-77388 . dos exploit for Multiple platform
| VAR-E-201111-0008 |
CVE-2011-5009 CVE-2011-5007 CVE-2011-5008 |
CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service - Multiple dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0099, VAR-201112-0098, VAR-201112-0097 | EDB ID: 36378 |
CoDeSys 3.4 - Null Pointer Invalid HTTP Request Parsing Remote Denial of Service. CVE-2011-5009CVE-77389 . dos exploit for Multiple platform
| VAR-E-201111-0006 |
CVE-2011-5007 CVE-2011-5009 CVE-2011-5008 |
CoDeSys SCADA 2.3 - Remote Buffer Overflow - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0099, VAR-201112-0098, VAR-201112-0097 | EDB ID: 18187 |
CoDeSys SCADA 2.3 - Remote Buffer Overflow. CVE-77387CVE-2011-5007 . remote exploit for Windows platform
| VAR-E-201111-0379 | No CVE | Siemens Automation License Manager 500.0.122.1 Code Execution | No EDB ID |
Siemens Automation License Manager versions 500.0.122.1 and below suffer from code execution, exceptions, NULL pointer and file overwriting vulnerabilities.
| VAR-E-201111-0558 | No CVE | Siemens SIMATIC WinCC Flexible Overflow / Traversal / Denial Of Service | No EDB ID |
Siemens SIMATIC WinCC Flexible suffers from stack overflow, directory traversal, denial of service and arbitrary memory read access vulnerabilities.
| VAR-E-201111-0362 | No CVE | MiniWeb Denial Of Service and Directory Traversal Vulnerabilities | No EDB ID |
MiniWeb is prone to a denial-of-service vulnerability and a directory-traversal vulnerability.
Exploiting these issues may allow remote attackers to crash the server or download arbitrary files within the context of the affected server.
| VAR-E-201111-0178 |
CVE-2011-4875 CVE-2011-4876 CVE-2011-4877 CVE-2011-4879 CVE-2011-4878 |
Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201202-0162, VAR-201202-0163, VAR-201202-0164, VAR-201202-0165, VAR-201202-0166 | EDB ID: 18166 |
Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities. CVE-2011-4879CVE-2011-4878CVE-2011-4877CVE-2011-4876CVE-2011-4875CVE-77384CVE-77383CVE-77382CVE-77381CVE-77380 . dos exploit for Windows platform
| VAR-E-201111-0076 |
CVE-2011-4529 CVE-2011-4531 CVE-2011-4530 CVE-2011-4532 |
siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201201-0026, VAR-201201-0027, VAR-201201-0028, VAR-201201-0029 | EDB ID: 18165 |
siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities. CVE-2011-4532CVE-2011-4531CVE-2011-4530CVE-2011-4529CVE-77370CVE-77369CVE-77368CVE-77367 . dos exploit for Windows platform