VARIoT IoT vulnerabilities database
VAR-202409-0012 | CVE-2024-8460 |
CVSS V2: 2.6 CVSS V3: 3.7 Severity: Medium |
A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widget_api.cgi of the component Web Management Interface. The manipulation of the argument getHD/getSer/getSys leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.
VAR-202409-0042 | CVE-2024-8408 |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
VAR-202409-0013 | CVE-2024-33060 | Use of freed memory vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption when two threads try to map and unmap a single node simultaneously. Multiple Qualcomm products, such as 315 5g iot firmware, AQT1000 firmware, and AR8031 firmware, contain vulnerabilities related to use of freed memory. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202409-0028 | CVE-2024-33052 | Out-of-bounds write vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption when user provides data for FM HCI command control operations. Several Qualcomm products, such as APQ8017 firmware, AQT1000 firmware, and fastconnect 6200 firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202409-0017 | CVE-2024-33051 | Out-of-bounds read vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Multiple Qualcomm products, such as 315 5g iot firmware, 9206 lte firmware, and APQ8017 firmware, contain an out-of-bounds read vulnerability. Service operation may be interrupted (DoS).
VAR-202409-0034 | CVE-2024-33042 | Out-of-bounds write vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption when Alternative Frequency offset value is set to 255. Several Qualcomm products, such as APQ8017 firmware, AQT1000 firmware, and fastconnect 6200 firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2491 | CVE-2024-44778 | Cross-site scripting vulnerability in Vtiger CRM |
CVSS V2: - CVSS V3: 9.6 Severity: CRITICAL |
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. Vtiger CRM contains a cross-site scripting vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
------------------------------------------
[Additional Information]
PoC:
https://demo7.vtexperts.com/vtigercrm7demo/index.php?module=Invoice&view=List&app=INVENTORY&parent=%22-alert()-%22
------------------------------------------
[Vulnerability Type]:Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]:vTiger
------------------------------------------
[Affected Product Code Base]:vTiger CRM - 7.4.0.
------------------------------------------
[Additional Information]:
PoC:
https://demo7.vtexperts.com/vtigercrm7demo/index.php?module=Accounts&view=List&viewname=95ddd'+onpointerdown=alert()+alt=
------------------------------------------
[Vulnerability Type]
Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]:vTiger
------------------------------------------
[Affected Product Code Base]:vTiger CRM - 7.4.0.
------------------------------------------
[Affected Component]:The "viewname" parameter of vTiger CRM 7.4.0 Index page .
------------------------------------------
[Additional Information]
PoC:
https://demo7.vtexperts.com/vtigercrm7demo/index.php?module=Invoice&view=List&app=INVENTORY&tag=);alert();%22+alt=%22
------------------------------------------
[Vulnerability Type]:Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]:vTiger
------------------------------------------
[Affected Product Code Base]:vTiger CRM - 7.4.0
VAR-202408-2490 | CVE-2024-44779 | Cross-site scripting vulnerability in Vtiger CRM |
CVSS V2: - CVSS V3: 9.6 Severity: CRITICAL |
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. Vtiger CRM contains a cross-site scripting vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2492 | CVE-2024-44777 | Cross-site scripting vulnerability in Vtiger CRM |
CVSS V2: - CVSS V3: 9.6 Severity: CRITICAL |
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. Vtiger CRM contains a cross-site scripting vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2560 | CVE-2024-44776 | Open redirect vulnerability in Vtiger CRM |
CVSS V2: - CVSS V3: 6.1 Severity: MEDIUM |
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. Vtiger CRM contains an open redirect vulnerability. Information may be obtained and information may be tampered with.
------------------------------------------
[VulnerabilityType Other]:Open Redirect
------------------------------------------
[Vendor of Product]:vTiger
------------------------------------------
[Affected Product Code Base]
vTiger CRM - 7.4.0.
------------------------------------------
[Affected Component]:Index of vTiger CRM
------------------------------------------
[Attack Type]:Remote
------------------------------------------
[Impact Information Disclosure]:true
------------------------------------------
[CVE Impact Other]:Redirect a victim to a malicious site
------------------------------------------
[Attack Vectors]:Crafted URL
-----------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]:true
------------------------------------------
[Discoverer]:Marco Nappi
------------------------------------------
[Reference]:http://vtiger.com
------------------------------------------
VAR-202408-2547 | CVE-2024-34195 | Out-of-bounds write vulnerability in TOTOLINK A3002R firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. This oversight leads to potential buffer overflow under specific circumstances. For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger buffer overflow, enabling arbitrary command execution or denial of service attacks. TOTOLINK A3002R firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2413 | CVE-2024-8225 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. G3 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. G3 firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2464 | CVE-2024-8224 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. G3 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. G3 firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2339 | CVE-2024-8214 | OS command injection vulnerability in multiple D-Link Systems, Inc. products |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected by this vulnerability is the function cgi_FMT_Std2R5_2nd_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. Multiple D-Link Systems, Inc. products, such as dns-315l firmware, D-Link DNS-320LW firmware, and dns-1550-04 firmware, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2337 | CVE-2024-8213 | OS command injection vulnerability in multiple D-Link Systems, Inc. products |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is the function cgi_FMT_R12R5_1st_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. Multiple D-Link Systems, Inc. products, such as dns-315l firmware, D-Link DNS-320LW firmware, and dns-1550-04 firmware, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2338 | CVE-2024-8212 | Command injection vulnerability in multiple D-Link Systems, Inc. products |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been rated as critical. This issue affects the function cgi_FMT_R12R5_2nd_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_source_dev leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. Multiple D-Link Systems, Inc. products, such as dns-315l firmware, D-Link DNS-320LW firmware, and dns-1550-04 firmware, contain a command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2336 | CVE-2024-8211 | OS command injection vulnerability in multiple D-Link Systems, Inc. products |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been declared as critical. This vulnerability affects the function cgi_FMT_Std2R1_DiskMGR of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_newly_dev leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. Multiple D-Link Systems, Inc. products, such as dns-315l firmware, D-Link DNS-320LW firmware, and dns-1550-04 firmware, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2340 | CVE-2024-8210 | OS command injection vulnerability in multiple D-Link Systems, Inc. products |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This affects the function sprintf of the file /cgi-bin/hd_config.cgi. The manipulation of the argument f_mount leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. Multiple D-Link Systems, Inc. products, such as dns-315l firmware, D-Link DNS-320LW firmware, and dns-1550-04 firmware, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202408-2424 | CVE-2024-44342 | OS command injection vulnerability in D-Link Systems, Inc. dir-846w firmware |
CVSS V2: 9.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the wl(0).(0)_ssid parameter. This vulnerability is exploited via a crafted POST request. D-Link Systems, Inc. dir-846w firmware contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-846W is a dual-band Gigabit router from D-Link, a Chinese company. No detailed vulnerability information is currently available.
VAR-202408-2402 | CVE-2024-8166 | Unrestricted upload of dangerous file types vulnerability in ruijienetworks eg2000k firmware |
CVSS V2: 5.8 CVSS V3: 4.7 Severity: Medium |
A vulnerability has been found in Ruijie EG2000K 11.1(6)B2 and classified as critical. This vulnerability affects unknown code of the file /tool/index.php?c=download&a=save. The manipulation of the argument content leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ruijienetworks eg2000k firmware contains an unrestricted upload of dangerous file types vulnerability. Service operation may be interrupted (DoS).