VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202404-0124 CVE-2024-3882 Tenda W30E fromRouteStatic function buffer overflow vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been classified as critical. Affected is the function fromRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260916. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. The vulnerability is caused by the parameter page of the fromRouteStatic function of /goform/fromRouteStatic failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202404-0080 CVE-2024-3879 Tenda W30E formSetCfm function stack buffer overflow vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
A vulnerability, which was classified as critical, was found in Tenda W30E 1.0.1.25(633). This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260913 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda W30E is a wireless router developed by Tenda, mainly used to provide stable network connections for homes and small offices. There is a stack buffer overflow vulnerability in the formSetCfm function of the /goform/setcfm file in Tenda W30E 1.0.1.25(633) version. An attacker can exploit this vulnerability to cause a stack overflow by remotely manipulating the funcpara1 parameter
VAR-202404-0164 CVE-2024-3874 Tenda W20E Stack Buffer Overflow Vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260908. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda W20E is a wireless router developed by Tenda, mainly used to provide wireless network connection and management functions. Attackers can exploit this vulnerability to execute arbitrary code
VAR-202404-0085 CVE-2024-26023 Buffalo radio LAN Multiple vulnerabilities in routers CVSS V2: -
CVSS V3: 6.8
Severity: Medium
OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands. None
VAR-202404-0086 CVE-2024-23486 Buffalo radio LAN Multiple vulnerabilities in routers CVSS V2: -
CVSS V3: 6.5
Severity: Medium
Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials. None
VAR-202404-0165 CVE-2023-50821 Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operators to control and monitor machines and equipment. Siemens SIMATIC WinCC has a denial of service vulnerability, which is caused by the affected product failing to properly validate the input provided in the login dialog box. An attacker could exploit this vulnerability to cause a denial of service.
VAR-202404-0059 CVE-2024-280016 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 4.3
Severity: Medium
None
VAR-202404-0057 CVE-2024-280010 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 6.5
Severity: Medium
None
VAR-202404-0055 CVE-2024-280013 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 4.3
Severity: Medium
None
VAR-202404-0058 CVE-2024-280015 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 6.8
Severity: Medium
None
VAR-202404-0056 CVE-2024-280011 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 4.3
Severity: Medium
None
VAR-202404-0070 CVE-2024-3273 plural  D-Link Systems, Inc.  Command injection vulnerabilities in the product CVSS V2: 7.5
CVSS V3: 7.3
Severity: CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link DNS-320L firmware, dns-120 firmware, dnr-202l firmware etc. D-Link Systems, Inc. The product contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202404-0069 CVE-2024-3272 plural  D-Link Systems, Inc.  Product use of hardcoded credentials vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link DNS-320L firmware, dns-120 firmware, dnr-202l firmware etc. D-Link Systems, Inc. The product contains a vulnerability related to the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-3007 CVE-2024-25027 IBM  of  Security Verify Access  Vulnerability regarding lack of encryption of critical data in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. IBM X-Force ID: 281607
VAR-202403-3014 CVE-2024-28090 Technicolor TC8715D Cross-Site Scripting Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp. Technicolor TC8715D is a wireless router from the French company Technicolor. Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T has a cross-site scripting vulnerability, which can be exploited by attackers to obtain sensitive information such as user cookies
VAR-202403-1555 CVE-2024-28014 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 8.8
Severity: High
Stack-based Buffer Overflow vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command via the internet. None
VAR-202403-2496 CVE-2024-28012 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 6.5
Severity: Medium
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet. None
VAR-202403-1757 CVE-2024-28009 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 6.5
Severity: Medium
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet. None
VAR-202403-1925 CVE-2024-28008 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 8.0
Severity: High
Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet. None
VAR-202403-1178 CVE-2024-28007 NEC Aterm Multiple vulnerabilities in series CVSS V2: -
CVSS V3: 8.0
Severity: High
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary command with the root privilege via the internet. None