VARIoT IoT vulnerabilities database
| VAR-202004-1827 | CVE-2020-5548 | Interfering with service operations on multiple Yamaha network devices (DoS) Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and earlier, RTX830 firmware Rev.15.02.09 and earlier, RTX1200 firmware Rev.10.01.76 and earlier, RTX1210 firmware Rev.14.01.33 and earlier, RTX3500 firmware Rev.14.00.26 and earlier, and RTX5000 firmware Rev.14.00.26 and earlier), Yamaha Broadband VoIP Router(NVR500 firmware Rev.11.00.38 and earlier), and Yamaha Firewall(FWX120 firmware Rev.11.03.27 and earlier) allow remote attackers to cause a denial of service via unspecified vectors. For multiple network devices provided by Yamaha Corporation, service operation interruption due to processing of received packets (DoS) (CWE-400) Vulnerability exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Keio University Faculty of Science and Engineering Department of Computer Science Amano Lab Niwa Naoya MrService operation obstruction by a remote third party (DoS) You may be attacked. Yamaha NVR500 and others are products of Yamaha Corporation of Japan. Yamaha NVR500 is an enterprise router. Yamaha RTX810 is a Gigabit VPN (Virtual Private Network) router. Yamaha FWX120 is a firewall product.
Denial of service vulnerabilities exist in many Yamaha products. A remote attacker can use this vulnerability to cause a denial of service
| VAR-202003-0923 | CVE-2019-13495 | ZyXEL Zyxel XGS2210-52HP cross-site scripting vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field. Zyxel XGS2210-52HP Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. ZyXEL Zyxel XGS2210-52HP is a managed switch of ZyXEL (ZyXEL) company in Taiwan. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
| VAR-202004-1752 | CVE-2020-4303 | IBM WebSphere Application Server - Liberty Cross-site scripting vulnerability in |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176668. Vendor exploits this vulnerability IBM X-Force ID: 176668 It is published as.Information may be obtained and tampered with. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
| VAR-202004-1753 | CVE-2020-4304 | IBM WebSphere Application Server - Liberty Cross-site scripting vulnerability in |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176670. Vendor exploits this vulnerability IBM X-Force ID: 176670 It is published as.Information may be obtained and tampered with. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
| VAR-202003-1766 | CVE-2019-9508 | Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities |
CVSS V2: 3.5 CVSS V3: 3.5 Severity: LOW |
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file within the web application that would execute each time a user browsed to the page. The Vertiv Avocent Universal Management Gateway Model UMG-4000 is a data center management appliance. The web interface of the UMG-4000 is vulnerable to command injection, stored cross-site scripting (XSS), and reflected XSS, which may allow an authenticated attacker with administrative privileges to remotely execute arbitrary code. Vertiv Avocent UMG-4000 Exists in a vulnerability related to unlimited upload of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The product supports real-time management, monitoring, access and control of IT equipment and infrastructure. A remote attacker can use the malicious command file to execute the file using the vulnerability
| VAR-202003-1437 | CVE-2020-5724 | Grandstream UCM6200 In the series SQL Injection vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. Grandstream UCM6200 is a set of enterprise-level switches used for IP telephone communication by the US company Grandstream. The vulnerability stems from the lack of verification of external input SQL statements by database-based applications. Attackers can use this vulnerability to execute illegal SQL commands
| VAR-202003-1411 | CVE-2020-5527 | Made by Mitsubishi Electric MELSEC Of the series MELSOFT Resource exhaustion vulnerability in communication ports |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions. Provided by Mitsubishi Electric Corporation MELSEC iQ-R , iQ-F , Q , L , F Of the series MELSOFT Communication port (UDP/IP) Is a resource exhaustion vulnerability (CWE-400) Exists. MELSOFT If a large amount of data is sent to the communication port, the resources will be exhausted and processing will not be performed on that port, which will interfere with service operation. (DoS) It may be in a state. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.MELSOFT If the communication port goes into an unprocessable state, a normal client MELSOFT You will not be able to connect to the communication port. Also, it becomes difficult to connect devices that are communicating on other communication ports. Misubishi Electric MELSEC iQ-R series, etc. are all programmable logic controllers of Japan Mitsubishi Electric (Misubishi Electric) company.
Many Mitsubishi Electric products have resource management error vulnerabilities
| VAR-202003-1439 | CVE-2020-5726 | Grandstream UCM6200 In the series SQL Injection vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. Grandstream UCM6200 is a set of enterprise-level switches used for IP telephone communication by the US company Grandstream
| VAR-202003-1438 | CVE-2020-5725 | Grandstream UCM6200 SQL injection vulnerability |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords. Grandstream UCM6200 is a set of enterprise-level switches used for IP telephone communication by the US company Grandstream. The vulnerability stems from the lack of verification of external input SQL statements by database-based applications. Attackers can use this vulnerability to execute illegal SQL commands
| VAR-202003-1421 | CVE-2020-5551 | Made by Toyota DCU ( Display control unit ) Vulnerability to |
CVSS V2: 5.4 CVSS V3: 8.8 Severity: HIGH |
Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus (LC, LS, NX, RC, RC F), TOYOTA CAMRY, and TOYOTA SIENNA manufactured in the regions other than Japan from Oct. 2016 to Oct. 2019. An attacker with certain knowledge on the target vehicle control system may be able to send some diagnostic commands to ECUs with some limited availability impacts; the vendor states critical vehicle controls such as driving, turning, and stopping are not affected. Made by Toyota DCU ( Display control unit ) To BlueBorne There is a vulnerability resulting from the vulnerability in. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.By a third party DCU Service luck against ? Interference (DoS) An attack could be carried out or an arbitrary command could be implemented. Also, DCU There is a possibility that operations will be performed on the vehicle via. According to the developer, it has been confirmed that it does not affect vehicle motion control such as running, turning, and stopping. For details, please see [Vendor Information] and [Reference Information]
| VAR-202003-1436 | CVE-2020-5723 | UCM6200 Vulnerability in plaintext storage of important information in series |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges. UCM6200 The series contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Grandstream UCM6200 is a set of enterprise-level switches used for IP telephone communication by the US company Grandstream.
Grandstream UCM6200 series 1.0.20.22 and previous versions have security vulnerabilities
| VAR-202003-1764 | CVE-2019-9507 | Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated with an administrator account to execute arbitrary commands as root. The Vertiv Avocent Universal Management Gateway Model UMG-4000 is a data center management appliance. Vertiv Avocent UMG-4000 To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The product supports real-time management, monitoring, access and control of IT equipment and infrastructure
| VAR-202003-0708 | CVE-2019-9509 | Vertiv Avocent UMG-4000 Web interface cross-site scripting vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user account to execute arbitrary code. The Vertiv Avocent Universal Management Gateway Model UMG-4000 is a data center management appliance. Vertiv Avocent UMG-4000 There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The product supports real-time management, monitoring, access and control of IT equipment and infrastructure. Attackers can use this vulnerability to execute arbitrary code
| VAR-202003-1818 | No CVE | NETGEAR R6400v2 has command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
NETGEAR R6400v2 is a smart WiFi router.
NETGEAR R6400v2 has a command execution vulnerability. Attackers can use the vulnerability to execute commands and gain server permissions.
| VAR-202003-1817 | No CVE | Many Tenda routers have buffer overflow vulnerabilities |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Tenda AC6 is a 1200M 11ac dual-band wireless router specifically designed for home users with broadband upgrades and routing updates. Tenda AC15 is a 1900M wireless router. Tenda AC18 is a wireless router product.
A variety of Tenda routers have a buffer overflow vulnerability. Attackers can use this vulnerability to perform buffer overflow attacks and gain control of the device.
| VAR-202003-0254 | CVE-2020-10939 | PHOENIX CONTACT PC WORX SRT Vulnerability related to authority management in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation. (DoS) It may be put into a state. Phoenix Contact PC WORX SRT is a programmable logic controller from Phoenix Contact of Germany. Attackers can use this vulnerability to elevate permissions
| VAR-202003-1564 | CVE-2020-5861 | BIG-IP Buffer error vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors. BIG-IP Exists in a buffer error vulnerability.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in F5 BIG-IP versions 12.1.0 through 12.1.5. An attacker can exploit this vulnerability to cause the system to temporarily fail to process traffic and cause a failover
| VAR-202003-1561 | CVE-2020-5858 | BIG-IP and BIG-IQ Vulnerability related to authority management in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command. BIG-IP and BIG-IQ Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both F5 BIG-IP and F5 BIG-IQ are products of the US company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. The solution supports the deployment of application delivery and network services across public and private clouds, traditional data centers and hybrid environments. A security vulnerability exists in F5 BIG-IP and BIG-IQ. The following products and versions are affected: F5 BIG-IP 15.0.0 to 15.0.1.2, 14.1.0 to 14.1.2.2, 13.1.0 to 13.1.3.2, 12.1.0 to 12.1.5 , version 11.5.2 to version 11.6.5.1; BIG-IQ version 7.0.0, version 6.0.0 to version 6.1.0, version 5.2.0 to version 5.4.0,
| VAR-202003-1563 | CVE-2020-5860 | BIG-IP and BIG-IQ Cryptographic strength vulnerabilities in |
CVSS V2: 6.8 CVSS V3: 8.1 Severity: HIGH |
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS). BIG-IP and BIG-IQ There is a cryptographic strength vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both F5 BIG-IP and F5 BIG-IQ are products of the US company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. The solution supports the deployment of application delivery and network services across public and private clouds, traditional data centers and hybrid environments. An attacker could exploit this vulnerability by implementing a man-in-the-middle attack to gain access to unencrypted HA network failover traffic. The following products and versions are affected: F5 BIG-IP 15.0.0 to 15.1.0.2, 14.1.0 to 14.1.2.3, 13.1.0 to 13.1.3.2, 12.1.0 to 12.1.5.1 , version 11.5.2 to version 11.6.5.1; BIG-IQ version 7.0.0, version 6.0.0 to version 6.1.0, version 5.2.0 to version 5.4.0
| VAR-202003-1560 | CVE-2020-5857 | BIG-IP Input verification vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service. BIG-IP There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in the F5 BIG-IP. The following products and versions are affected: F5 BIG-IP 15.0.0 to 15.0.1, 14.1.0 to 14.1.2.2, 13.1.0 to 13.1.3.1, 12.1.0 to 12.1.5 , version 11.5.2 to version 11.6.5.1