VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202003-1612 CVE-2020-6989 Moxa PT-7528 and PT-7828 Out-of-bounds write vulnerabilities in series firmware CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code. Moxa PT-7528 and PT-7828 A series firmware contains a vulnerability related to out-of-bounds writing.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa EDS-G516E and EDS-510E series are Ethernet switches manufactured by Moxa. Moxa EDS-G516E and EDS-510E series have a buffer overflow vulnerability, which can be exploited by an attacker to cause a buffer overflow
VAR-202004-2035 CVE-2020-6974 Honeywell Notifier Web Server Past Traversal Vulnerability in CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem. (DoS) It may be put into a state. NOTI? FIRE? NET Web Server is a web-based HTML server that allows you to remotely access the NOTI? FIRE? NET network via the Internet or an intranet. An attacker could use this vulnerability to gain unauthorized access to a restricted directory
VAR-202003-1675 CVE-2020-8863 plural D-Link Authentication vulnerabilities in routers CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. Was ZDI-CAN-9470. Zero Day Initiative To this vulnerability ZDI-CAN-9470 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. D-Link DIR-867, DIR-878 and DIR-882 are all wireless router products from D-Link, Taiwan. HNAP is a protocol called HNAP (Home Network Management Protocol)
VAR-202002-1073 CVE-2020-9374 TP-LINK TL-WR849N On the device OS Command injection vulnerabilities

Related entries in the VARIoT exploits database: VAR-E-202003-0038
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. TP-LINK TL-WR849N On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. TP-LINK TL-WR849N is a 300mbps WiFi router. TP-Link TL-WR849N 0.9.1 version 4.16 has a security vulnerability in the diagnostic area
VAR-202003-1676 CVE-2020-8864 plural D-Link Improper Comparison Vulnerability in Made Routers CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of empty passwords. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9471. D-Link DIR-867 , DIR-878 , DIR-882 The router contains a vulnerability related to improper comparison. Zero Day Initiative To this vulnerability ZDI-CAN-9471 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. D-Link DIR-867, DIR-878 and DIR-882 are all wireless router products from D-Link, Taiwan. HNAP is a protocol called HNAP (Home Network Management Protocol)
VAR-202002-1069 CVE-2020-9363 plural Sophos Product input verification vulnerabilities CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. plural Sophos The product contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Attackers can exploit this vulnerability to bypass virus detection with the help of specially crafted ZIP files
VAR-202002-1688 No CVE BeckHoff CX9020 has a buffer overflow vulnerability CVSS V2: 2.6
CVSS V3: -
Severity: LOW
CX9020 is a PLC generated by BeckHoff. Its Webservice is used to remotely configure the PLC service. Through this service, users can configure the PLC with a browser. BeckHoff CX9020 has a buffer overflow vulnerability that could be exploited by an attacker to crash the service or potentially execute malicious code.
VAR-202002-1686 No CVE PEMS-6806AD/T has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
PEMS-6806AD/T is a high-performance 32-bit ARM processor independently developed by Shijiazhuang Hejia Technology Co., Ltd. Based on an embedded Linux platform, it integrates data collection, processing, storage, query, event alarm, control, and network communication. A new generation of monitoring host-embedded monitoring host. PEMS-6806AD/T has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information of the affected device.
VAR-202002-0357 CVE-2019-5138 Moxa AWK-3131A In firmware OS Command injection vulnerabilities CVSS V2: 9.0
CVSS V3: 9.9
Severity: CRITICAL
An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa
VAR-202002-1070 CVE-2020-9365 Pure-FTPd Out-of-bounds read vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c. Pure-FTPd is an FTP (File Transfer Protocol) server. A buffer overflow vulnerability exists in the 'pure_strcmp' function of the utils.c file in Pure-FTPd version 1.0.49. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-54 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Pure-FTPd: Multiple vulnerabilities Date: March 25, 2020 Bugs: #711124 ID: 202003-54 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Pure-FTPd, the worst of which could allow remote attackers to cause a Denial of Service condition. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-ftp/pure-ftpd < 1.0.49-r2 >= 1.0.49-r2 Description =========== Multiple vulnerabilities have been discovered in Pure-FTPd. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly cause a Denial of Service condition or cause an information disclosure. Workaround ========== There is no known workaround at this time. Resolution ========== All Pure-FTPd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-ftp/pure-ftpd-1.0.49-r2" References ========== [ 1 ] CVE-2020-9274 https://nvd.nist.gov/vuln/detail/CVE-2020-9274 [ 2 ] CVE-2020-9365 https://nvd.nist.gov/vuln/detail/CVE-2020-9365 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202003-54 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
VAR-202002-0356 CVE-2019-5137 Moxa AWK-3131A Vulnerability in using hard-coded credentials in firmware CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. Moxa AWK-3131A There is a vulnerability in the firmware regarding the use of hard-coded credentials.Information may be obtained. Moxa AWK-3131A is a wireless access device from Moxa. An attacker could use this vulnerability to decrypt captured traffic
VAR-202002-0358 CVE-2019-5139 Moxa AWK-3131A Trust Management Issue Vulnerability CVSS V2: 3.6
CVSS V3: 7.1
Severity: HIGH
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. Moxa AWK-3131A is a wireless switch from Moxa. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use the default password or hard-coded passwords, hard-coded certificates, etc. to attack the affected components
VAR-202002-0361 CVE-2019-5142 Moxa AWK-3131A In firmware OS Command injection vulnerabilities CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa
VAR-202002-0355 CVE-2019-5136 Moxa AWK-3131A Access Control Error Vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Moxa AWK-3131A There is a permission management vulnerability in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa
VAR-202002-0366 CVE-2019-5165 Moxa AWK-3131A Authentication vulnerability in firmware CVSS V2: 6.5
CVSS V3: 7.2
Severity: HIGH
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. Moxa AWK-3131A There is an authentication vulnerability in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa. There is a security hole in the handling of host names in Moxa AWK-3131A using firmware 1.13
VAR-202002-0365 CVE-2019-5162 Moxa AWK-3131A Privilege management vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Moxa AWK-3131A There is a permission management vulnerability in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa. The vulnerability stems from a network system or product that did not properly restrict access to resources from unauthorized roles. No detailed vulnerability details are provided at this time
VAR-202002-0363 CVE-2019-5148 Moxa AWK-3131A Integer underflow vulnerability in firmware CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability. Moxa AWK-3131A There is an integer underflow vulnerability in the firmware.Service operation interruption (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa. Moxa AWK-3131A has a buffer overflow vulnerability. No detailed vulnerability details are provided at this time
VAR-202002-0359 CVE-2019-5140 Moxa AWK-3131A In firmware OS Command injection vulnerabilities CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa. The vulnerability stems from the fact that the network system or product did not properly filter the special elements in the process of constructing executable commands from external input data. An attacker could use this vulnerability to execute an illegal command
VAR-202002-0362 CVE-2019-5143 Moxa AWK-3131A Format string vulnerability in firmware CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless switch from Moxa
VAR-202002-0364 CVE-2019-5153 Moxa AWK-3131A Classic buffer overflow vulnerability in firmware CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Moxa AWK-3131A A classic buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa AWK-3131A is a wireless access device from Moxa. An attacker could use this vulnerability to execute code