VARIoT news about IoT security

Trust: 5.75

Fetched: Aug. 14, 2024, 9:23 a.m., Published: Aug. 12, 2024, 9:03 a.m.
Vulnerabilities: os command injection, command execution, arbitrary command execution...
Affected productsExternal IDs
vendor: hms networks model: ewon cosy
db: NVD ids: CVE-2024-33896, CVE-2024-33897, CVE-2024-33894

Trust: 3.5

Fetched: Aug. 14, 2024, 9:21 a.m., Published: Aug. 8, 2024, 6 p.m.
Vulnerabilities: code execution, privilege escalation, integer overflow...
Affected productsExternal IDs
db: NVD ids: CVE-2024-24974, CVE-2024-1305, CVE-2024-27459, CVE-2024-27903

Trust: 3.75

Fetched: Aug. 14, 2024, 9:19 a.m., Published: July 2, 2024, midnight
Vulnerabilities: memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-25079

Trust: 4.25

Fetched: Aug. 14, 2024, 9:19 a.m., Published: Aug. 14, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: sonos model: sonos
db: NVD ids: CVE-2023-50809
Related entries in the VARIoT vulnerabilities database: VAR-202401-0919

Trust: 3.75

Fetched: Aug. 14, 2024, 9:18 a.m., Published: -
Vulnerabilities: -
Affected productsExternal IDs
vendor: d-link model: router
vendor: d-link model: dir-859
db: NVD ids: CVE-2024-4901, CVE-2024-2973, CVE-2024-5655, CVE-2024-0769, CVE-2024-6323, CVE-2024-4994, CVE-2024-2177

Trust: 5.0

Fetched: Aug. 14, 2024, 9:17 a.m., Published: -
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco asyncos
vendor: cisco model: advanced malware protection
vendor: cisco model: asyncos
db: NVD ids: CVE-2024-20419, CVE-2024-20401

Trust: 3.75

Fetched: Aug. 14, 2024, 9:09 a.m., Published: June 26, 2024, 4:24 a.m.
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-2961, CVE-2024-34102

Trust: 4.0

Fetched: Aug. 14, 2024, 9:08 a.m., Published: Aug. 14, 2023, midnight
Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2024-3400, CVE-2024-20399

Trust: 5.0

Fetched: Aug. 14, 2024, 9:07 a.m., Published: June 12, 2024, 5:15 p.m.
Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-37037

Trust: 3.0

Fetched: Aug. 14, 2024, 9:06 a.m., Published: June 12, 2024, 9:47 a.m.
Vulnerabilities: path traversal, integer overflow, code execution
Affected productsExternal IDs

Trust: 3.0

Fetched: Aug. 13, 2024, 9:27 a.m., Published: Aug. 13, 2024, 6:25 a.m.
Vulnerabilities: system crash, denial of service, improper validation
Affected productsExternal IDs
db: NVD ids: CVE-2024-6768

Trust: 4.0

Fetched: Aug. 13, 2024, 9:24 a.m., Published: Aug. 8, 2024, 6:48 a.m.
Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: google model: android

Trust: 5.75

Fetched: Aug. 13, 2024, 9:24 a.m., Published: July 19, 2024, midnight
Vulnerabilities: directory traversal
Affected productsExternal IDs
vendor: d-link model: dap-1650 firmware
vendor: d-link model: dap-1650_firmware
vendor: d-link model: dap-1650
vendor: dlink model: dap-1650 firmware
vendor: dlink model: dap-1650_firmware
vendor: dlink model: dap-1650
db: NVD ids: CVE-2024-40505

Trust: 4.75

Fetched: Aug. 13, 2024, 9:24 a.m., Published: Aug. 2, 2024, midnight
Vulnerabilities: command execution
Affected productsExternal IDs
vendor: enphase model: envoy
db: NVD ids: CVE-2024-21878, CVE-2020-25754

Trust: 5.75

Fetched: Aug. 13, 2024, 9:18 a.m., Published: -
Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-36971, CVE-2024-23350

Trust: 5.25

Fetched: Aug. 13, 2024, 9:16 a.m., Published: July 30, 2024, 7:17 a.m.
Vulnerabilities: request forgery, information disclosure, command injection...
Affected productsExternal IDs
vendor: epson model: connect
vendor: zoom model: client
db: NVD ids: CVE-2019-20460, CVE-2020-11923, CVE-2019-20467, CVE-2020-11925, CVE-2020-11915, CVE-2019-20463, CVE-2020-11916, CVE-2019-20464, CVE-2020-11924, CVE-2019-20472, CVE-2019-20473, CVE-2019-20462, CVE-2020-11920, CVE-2019-20458, CVE-2019-20461, CVE-2019-20469, CVE-2020-11922, CVE-2019-20459, CVE-2019-20466, CVE-2019-20471, CVE-2019-20465, CVE-2020-11918, CVE-2020-11917, CVE-2019-20470, CVE-2020-11921, CVE-2019-20457, CVE-2019-20468, CVE-2020-11926, CVE-2020-11919

Trust: 3.0

Fetched: Aug. 13, 2024, 9:16 a.m., Published: Aug. 9, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

Trust: 5.75

Fetched: Aug. 13, 2024, 9:15 a.m., Published: Aug. 12, 2024, 8:48 a.m.
Vulnerabilities: directory traversal
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: android
vendor: google model: chrome os
vendor: google model: chrome
db: NVD ids: CVE-2024-38271, CVE-2024-38272

Trust: 4.75

Fetched: Aug. 13, 2024, 9:14 a.m., Published: -
Vulnerabilities: script execution
Affected productsExternal IDs
vendor: ring model: ring
Related entries in the VARIoT vulnerabilities database: VAR-202408-2138

Trust: 5.5

Fetched: Aug. 13, 2024, 9:13 a.m., Published: Aug. 12, 2024, 9:51 a.m.
Vulnerabilities: code execution, improper memory management, denial of service...
Affected productsExternal IDs
vendor: oneplus model: oneplus
vendor: oneplus model: one
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: samsung
db: NVD ids: CVE-2024-21481, CVE-2024-21479, CVE-2024-23350, CVE-2024-23352, CVE-2024-23353