VARIoT IoT vulnerabilities database
| VAR-202003-1348 | CVE-2020-4203 | IBM DataPower Gateway Vulnerability regarding information leakage in |
CVSS V2: 4.0 CVSS V3: 4.9 Severity: MEDIUM |
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956. IBM DataPower Gateway There is an information leakage vulnerability in. Vendor exploits this vulnerability IBM X-Force ID: 174956 It is published as.Information may be obtained. IBM DataPower Gateway is a security and integration platform specially designed for mobile, cloud, application programming interface (API), network, service-oriented architecture (SOA), B2B and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. An attacker could exploit this vulnerability to obtain highly sensitive information
| VAR-202003-1138 | CVE-2020-1864 | plural Huawei Product authentication vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.1 Severity: HIGH |
Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit the vulnerability to connect to affected devices and execute a series of commands.Affected product versions include:Secospace AntiDDoS8000 versions V500R001C00,V500R001C20,V500R001C60,V500R005C00. plural Huawei The product contains an authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
| VAR-202003-1326 | CVE-2019-12132 | ONAP SDNC In OS Command injection vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in ONAP SDNC before Dublin. By executing sla/dgUpload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected. ONAP SDNC To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ONAP SDNC is a network-defined network controller of the ONAP project.
ONAP SDNC Dublin has an operating system command injection vulnerability
| VAR-202003-1306 | CVE-2019-12112 | ONAP In OS Command injection vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected. ONAP To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ONAP SDNC is a network-defined network controller of the ONAP project.
ONAP SDNC has an operating system command injection vulnerability
| VAR-202003-1092 | CVE-2020-1793 | HUAWEI Mate 20 and Mate 30 Pro Authentication vulnerabilities in |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications
| VAR-202003-1307 | CVE-2019-12113 | ONAP SDNC operating system command injection vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected. ONAP To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ONAP SDNC is a network-defined network controller of the ONAP project.
OSAP command injection vulnerability existed in versions before ONAP SDNC 4.0.0
| VAR-202003-1094 | CVE-2020-1795 | HUAWEI Mate 20 and Mate 30 Pro Vulnerability in |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones
| VAR-202003-1093 | CVE-2020-1794 | HUAWEI Mate 20 and Mate 30 Pro Authentication vulnerabilities in |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications
| VAR-202003-1095 | CVE-2020-1796 | HUAWEI Mate 20 and Mate 30 Pro Unauthorized authentication vulnerability in |
CVSS V2: 4.6 CVSS V3: 6.6 Severity: MEDIUM |
There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Huawei Mate 20 and Mate 30 Pro are smartphones of the Chinese company Huawei. This vulnerability stems from the system’s failure to properly authorize low-privilege users. Attackers can use this The vulnerability performs an unauthorized operation. Huawei smartphones could allow a local authenticated malicious user to bypass security restrictions, caused by improper authentication. An attacker could exploit this vulnerability, an attacker could exploit this vulnerability bypass security restrictions
| VAR-202003-1136 | CVE-2020-1862 | CampusInsight and ManageOne Double release vulnerability in |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050. CampusInsight and ManageOne There is a double release vulnerability in.Service operation interruption (DoS) It may be put into a state. Both Huawei ManageOne and CampusInsight are products of the Chinese company Huawei. ManageOne is a cloud data center management solution. The product supports unified management of heterogeneous cloud resource pools, and provides functions such as multi-level VDC matching customer organization model, service catalog planning, self-service, centralized alarm analysis, and intelligent operation and maintenance. CampusInsight is a campus network management system. Resource management error vulnerabilities exist in Huawei CampusInsight V100R019C00 and ManageOne 6.5.RC2.B050
| VAR-202003-0892 | CVE-2019-18582 | Dell EMC Data Protection Advisor Code injection vulnerability in |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to inject malicious report generation scripts in the server. This may lead to OS command execution as the regular user runs the DPA service on the affected system. (DoS) It may be put into a state. The product supports functions such as data backup, data recovery, and data replication management. A remote attacker could use a specially crafted script to exploit this vulnerability to execute arbitrary commands on the system
| VAR-202003-0890 | CVE-2019-18581 | Dell EMC Data Protection Advisor Vulnerability regarding lack of authentication in |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to alter the application’s allowable list of OS commands. This may lead to arbitrary OS command execution as the regular user runs the DPA service on the affected system. (DoS) It may be put into a state. The product supports functions such as data backup, data recovery, and data replication management
| VAR-202003-0585 | CVE-2019-3762 | Data Protection Central Certificate validation vulnerabilities in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data. The product offers features such as single sign-on, dashboard, and system monitoring
| VAR-202003-1595 | CVE-2020-6976 | Delta Industrial Automation CNCSoft ScreenEditor Out-of-bounds read vulnerability in |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of Giffile information within DPB files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of Administrator. Delta Electronics CNCSoft ScreenEditor is a set of CNC machine tool simulation system software of Taiwan Delta Electronics (Delta Electronics) company
| VAR-202003-1670 | CVE-2020-7002 | Delta Industrial Automation CNCSoft ScreenEditor Out-of-bounds write vulnerability in |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file. Delta Industrial Automation CNCSoft ScreenEditor Is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of GifName information in DPB files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Delta Electronics CNCSoft ScreenEditor is a set of CNC machine tool simulation system software of Taiwan Delta Electronics (Delta Electronics) company.
There is a buffer overflow vulnerability in Delta Electronics CNCSoft ScreenEditor 1.00.96 and previous versions, which can be exploited by an attacker to cause a stack buffer overflow
| VAR-202003-1417 | CVE-2020-5544 | Mitsubishi Electric MELQIC IU1 TCP function code issue vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows remote attackers to stop the network functions or execute malware via a specially crafted packet. (DoS) It may be put into a state. Mitsubishi Electric MELQIC IU1 is a IU1 series data collection analyzer of Mitsubishi Electric Corporation of Japan
| VAR-202007-0245 | CVE-2020-12736 | Code42 Vulnerability related to authority management in |
CVSS V2: 6.5 CVSS V3: 7.2 Severity: HIGH |
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local (non-SSO) user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator entered template language code in the subject line, that code could be interpreted by the email generation services, potentially resulting in server-side code injection. Code42 Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Code42 Software On-premises Code42 server is a locally deployed version of Code42 data protection server from Code42 Software in the United States. A remote attacker can use this vulnerability to execute code
| VAR-202003-0854 | CVE-2019-19941 | Swisscom Centro Grande cross-site scripting vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS. Swisscom Centro Grande Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. Swisscom Centro Grande is a router of Swisscom. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
| VAR-202003-0853 | CVE-2019-19940 | Swisscom Centro Grande Injection vulnerabilities in |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Incorrect input sanitation in text-oriented user interfaces (telnet, ssh) in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection. Swisscom Centro Grande There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Swisscom Centro Grande is a router of Swisscom. The vulnerability stems from the fact that the network system or product fails to properly filter the special characters and commands in the process of user input, construction and execution of commands. A remote attacker can use the vulnerability to execute arbitrary commands by injecting commands
| VAR-202003-0855 | CVE-2019-19942 | Swisscom Centro Grande and Centro Business Input verification vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 (ADB) before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests