VARIoT news about IoT security

Trust: 5.25

Fetched: April 24, 2024, 9:19 a.m., Published: April 24, 6437, midnight
Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-3400, CVE-2024-34002024

Trust: 4.25

Fetched: April 24, 2024, 9:18 a.m., Published: April 12, 2024, 4:42 p.m.
Vulnerabilities: authentication bypass, command injection, code execution
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2020-2021, CVE-2024-3400, CVE-2019-1579

Trust: 4.75

Fetched: April 24, 2024, 9:12 a.m., Published: April 23, 2024, 8:40 p.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: siemens model: ruggedcom
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-3400

Trust: 4.0

Fetched: April 23, 2024, 9:22 a.m., Published: -
Vulnerabilities: code execution, file inclusion, authentication bypass...
Affected productsExternal IDs

Trust: 3.5

Fetched: April 23, 2024, 9:21 a.m., Published: April 10, 2024, midnight
Vulnerabilities: code execution, cross-site scripting, request forgery...
Affected productsExternal IDs

Trust: 4.25

Fetched: April 23, 2024, 9:21 a.m., Published: April 10, 2024, 4:30 p.m.
Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-6317, CVE-2023-6318, CVE-2023-6320, CVE-2023-6319

Trust: 4.25

Fetched: April 23, 2024, 9:21 a.m., Published: -
Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-29204, CVE-2024-24996

Trust: 4.25

Fetched: April 23, 2024, 9:20 a.m., Published: April 23, 2024, 8:37 a.m.
Vulnerabilities: session hijacking
Affected productsExternal IDs
Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 4.75

Fetched: April 23, 2024, 9:18 a.m., Published: April 11, 2024, 9:32 p.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dns-320
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
vendor: d-link model: dns-340l
vendor: d-link model: dns-320lw
vendor: d-link model: dns-325
vendor: d-link model: dnr-322l
vendor: d-link model: dns-345
db: NVD ids: CVE-2024-3273
Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 3.75

Fetched: April 23, 2024, 9:18 a.m., Published: April 8, 2024, 8:43 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-3272, CVE-2024-3273
Related entries in the VARIoT vulnerabilities database: VAR-202404-1899, VAR-202404-1690, VAR-202401-1198, VAR-202404-1315, VAR-202404-1360

Trust: 4.25

Fetched: April 23, 2024, 9:17 a.m., Published: April 1, 2024, midnight
Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: huawei model: huawei
vendor: google model: pixel
vendor: google model: android
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2023-33095, CVE-2023-28582, CVE-2024-21463, CVE-2023-33096, CVE-2024-0026, CVE-2023-33023, CVE-2023-33103, CVE-2023-33099, CVE-2023-21267, CVE-2024-23712, CVE-2024-20039, CVE-2024-23704, CVE-2023-33101, CVE-2023-33104, CVE-2024-20040, CVE-2024-0022, CVE-2023-33115, CVE-2024-23713, CVE-2024-0042, CVE-2023-32890, CVE-2024-0027, CVE-2024-23710, CVE-2024-21472, CVE-2023-33084, CVE-2024-21468, CVE-2023-33086, CVE-2023-33100, CVE-2023-28547
Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 4.25

Fetched: April 23, 2024, 9:16 a.m., Published: April 16, 2024, 4:53 a.m.
Vulnerabilities: injection attack, code execution, command injection
Affected productsExternal IDs
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
vendor: d-link model: dns-340l
vendor: d-link model: dns-325
db: NVD ids: CVE-2024-3272, CVE-2024-3273

Trust: 4.5

Fetched: April 23, 2024, 9:15 a.m., Published: April 18, 2024, 3:06 p.m.
Vulnerabilities: command injection, os command injection, information exposure
Affected productsExternal IDs
vendor: rapid model: scada
Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 4.25

Fetched: April 23, 2024, 9:15 a.m., Published: April 2, 2024, midnight
Vulnerabilities: command injection, denial of service
Affected productsExternal IDs
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
vendor: d-link model: dns-340l
vendor: d-link model: dns-325
db: NVD ids: CVE-2024-3274, CVE-2024-3273

Trust: 4.75

Fetched: April 23, 2024, 9:14 a.m., Published: April 10, 2024, 12:53 p.m.
Vulnerabilities: calculation error
Affected productsExternal IDs
vendor: asus model: asus
vendor: lenovo model: system
vendor: lenovo model: updates
db: NVD ids: CVE-2023-40238
Related entries in the VARIoT vulnerabilities database: VAR-202404-0069, VAR-202404-0070

Trust: 4.25

Fetched: April 23, 2024, 9:13 a.m., Published: April 23, 2022, midnight
Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-3272, CVE-2024-3273

Trust: 4.0

Fetched: April 23, 2024, 9:13 a.m., Published: April 2, 2024, midnight
Vulnerabilities: command injection, pointer dereference vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-29948, CVE-2024-29949, CVE-2024-29947

Trust: 3.5

Fetched: April 23, 2024, 9:12 a.m., Published: March 21, 2023, 11:31 a.m.
Vulnerabilities: request forgery, cross-site request forgery
Affected productsExternal IDs
vendor: squid model: squid

Trust: 3.75

Fetched: April 23, 2024, 9:12 a.m., Published: April 19, 2024, 3:39 p.m.
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-6317, CVE-2023-6318, CVE-2023-6320, CVE-2023-6319

Trust: 4.0

Fetched: April 23, 2024, 9:11 a.m., Published: April 23, 2024, midnight
Vulnerabilities: command injection
Affected productsExternal IDs