VARIoT IoT vulnerabilities database
| VAR-202002-0619 | CVE-2020-1861 | Huawei CloudEngine 12800 Information Disclosure Vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage. Huawei CloudEngine 12800 is a 12800 series data center switch from Huawei of China.
An information disclosure vulnerability exists in Huawei CloudEngine 12800, which originates from improper processing of data
| VAR-202002-0838 | CVE-2014-2727 | Trustwave MailMarshal operating system command injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection. MailMarshal To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Trustwave MailMarshal is a set of e-mail security gateway products from Trustwave of the United States. Attackers can use this vulnerability to execute arbitrary commands on the system
| VAR-202002-1041 | CVE-2020-5534 | Aterm WG2600HS Multiple vulnerabilities in |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Provided by NEC Corporation Aterm WG2600HS Is vulnerable to several vulnerabilities: ・ Cross-site scripting (CWE-79) - CVE-2020-5533 ・ OS Command injection (CWE-78) - CVE-2020-5534 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2020-5533 ・ Of the product HTTP Depending on the user who can log in to the service root Arbitrary with authority OS Command is executed - CVE-2020-5534. NEC Aterm WG2600HS is a wireless router from NEC Corporation.
The operating system command injection vulnerability exists in NEC Aterm WG2600HS version 1.3.2. The vulnerability stems from the process of externally inputting data to construct the executable command of the operating system, and the network system or product did not properly filter the special characters and commands. An attacker could use this vulnerability to execute illegal operating system commands
| VAR-202002-1034 | CVE-2020-5525 | Aterm WF1200CR , WG1200CR and WG2600HS Multiple in OS Command injection vulnerabilities |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen. Provided by NEC Corporation Aterm WF1200CR , WG1200CR and WG2600HS To the following multiple OS A command injection vulnerability exists. ・ UPnP In function OS Command injection (CWE-78) - CVE-2020-5524 ・ On the management screen OS Command injection (CWE-78) - CVE-2020-5525 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Nippon Telegraph and Telephone Corporation Fujita Rintaro Mr. Kamiyama Takayuki MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Of the product UPnP Depending on the user who has access to the feature's interface root Arbitrary with authority OS Command is executed - CVE-2020-5524 -By a user who can access the management screen of the product root Arbitrary with authority OS Command is executed - CVE-2020-5525. NEC Aterm WF1200C and others are wireless routers from NEC Corporation.
There is an operating system command injection vulnerability in NEC Aterm WF1200C 1.2.1 and earlier versions, Aterm WG1200CR 1.2.1 and earlier versions and Aterm WG2600HS 1.3.2 and earlier versions, which originated from the process of externally inputting data to construct the operating system executable commands , The network system or product does not properly filter the special characters, commands, etc. An attacker could use this vulnerability to execute illegal operating system commands
| VAR-202002-1033 | CVE-2020-5524 | Aterm WF1200CR , WG1200CR and WG2600HS Multiple in OS Command injection vulnerabilities |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function. Provided by NEC Corporation Aterm WF1200CR , WG1200CR and WG2600HS To the following multiple OS A command injection vulnerability exists. ・ UPnP In function OS Command injection (CWE-78) - CVE-2020-5524 ・ On the management screen OS Command injection (CWE-78) - CVE-2020-5525 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Nippon Telegraph and Telephone Corporation Fujita Rintaro Mr. Kamiyama Takayuki MrThe expected impact depends on each vulnerability, but it may be affected as follows. ・ Of the product UPnP Depending on the user who has access to the feature's interface root Arbitrary with authority OS Command is executed - CVE-2020-5524 -By a user who can access the management screen of the product root Arbitrary with authority OS Command is executed - CVE-2020-5525. NEC Aterm WF1200C and others are wireless routers from NEC Corporation.
There is an operating system command injection vulnerability in NEC Aterm WF1200C 1.2.1 and earlier versions, Aterm WG1200CR 1.2.1 and earlier versions and Aterm WG2600HS 1.3.2 and earlier versions, which originated from the process of externally inputting data to construct the operating system executable commands , The network system or product does not properly filter the special characters, commands, etc. An attacker could use this vulnerability to execute illegal operating system commands
| VAR-202002-1040 | CVE-2020-5533 | NEC Aterm WG2600HS Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Provided by NEC Corporation Aterm WG2600HS Is vulnerable to several vulnerabilities: ・ Cross-site scripting (CWE-79) - CVE-2020-5533 ・ OS Command injection (CWE-78) - CVE-2020-5534 This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developer. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2020-5533 ・ Of the product HTTP Depending on the user who can log in to the service root Arbitrary with authority OS Command is executed - CVE-2020-5534. NEC Aterm WG2600HS is a wireless router from NEC Corporation.
There is a cross-site scripting vulnerability in NEC Aterm WG2600HS version 1.3.2, which originates from the lack of correct verification of client data by web applications. An attacker could use this vulnerability to execute client code
| VAR-202002-1391 | CVE-2020-8824 | Hitron Technologies CODA-4582U Cross-Site Scripting Vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen. Hitron CODA-4582U A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. Hitron Technologies CODA-4582U is a modem from Hitron Technologies of Taiwan, China. The vulnerability stems from the lack of proper validation of client data by web applications. An attacker could use this vulnerability to execute client code
| VAR-202002-0711 | CVE-2020-3114 | Cisco Data Center Network Manager Cross-site request forgery vulnerability in |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link while having an active session on an affected device. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. (DoS) It may be put into a state. Cisco Data Center Network Manager ( DCNM ) is Cisco ( Cisco ) company's data center management system. The system is suitable for Cisco Nexus and MDS Series of switches that provide storage visualization, configuration, and troubleshooting capabilities
| VAR-202002-0716 | CVE-2020-3153 | Windows for Cisco AnyConnect Secure Mobility Client Vulnerability in uncontrolled search path elements in |
CVSS V2: 4.9 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system
| VAR-202002-0709 | CVE-2020-3112 | Cisco Data Center Network Manager Vulnerability related to authority management in |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by authenticating with a low-privilege account and sending a crafted request to the API. A successful exploit could allow the attacker to interact with the API with administrative privileges. (DoS) It may be put into a state. The system is available for Cisco Nexus and MDS series switches and provides storage visualization, configuration and troubleshooting functions
| VAR-202002-0692 | CVE-2020-3163 | Cisco Unified Contact Center Enterprise Race condition vulnerabilities in |
CVSS V2: 7.1 CVSS V3: 5.9 Severity: MEDIUM |
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing inbound Live Data traffic. An attacker could exploit this vulnerability by sending multiple crafted Live Data packets to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could result in a stack overflow and cause the affected device to reload, resulting in a DoS condition. Note: The Live Data port in Cisco Unified Contact Center Enterprise devices allows only a single TCP connection. To exploit this vulnerability, an attacker would have to send crafted packets to an affected device before a legitimate Live Data client establishes a connection
| VAR-202002-0721 | CVE-2020-3160 | Cisco Meeting Server Input verification vulnerabilities in software |
CVSS V2: 4.3 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and processes are unaffected. The vulnerability is due to improper input validation of XMPP packets. An attacker could exploit this vulnerability by sending crafted XMPP packets to an affected device. An exploit could allow the attacker to cause process crashes and a DoS condition for XMPP conferencing applications. Cisco Meeting Server The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state
| VAR-202002-0717 | CVE-2020-3154 | Cisco Cloud Web Security In SQL Injection vulnerabilities |
CVSS V2: 4.0 CVSS V3: 4.9 Severity: MEDIUM |
A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this vulnerability sending malicious requests to the affected device. An exploit could allow the attacker to modify values on or return values from the underlying database
| VAR-202003-0525 | CVE-2019-6696 | FortiOS Open redirect vulnerability in |
CVSS V2: 5.8 CVSS V3: 6.1 Severity: MEDIUM |
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage. FortiOS Exists in an open redirect vulnerability.Information may be obtained and tampered with. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerability exists in Fortinet FortiOS. An attacker could exploit this vulnerability to redirect users to malicious websites. The following products and versions are affected: FortiOS 6.2.1, 6.2.0, 5.4.0 to 6.0.8
| VAR-202002-0719 | CVE-2020-3158 | Cisco Smart Software Manager On-Prem Vulnerability in using hard-coded credentials in |
CVSS V2: 8.8 CVSS V3: 9.1 Severity: CRITICAL |
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of an affected device. The attacker would gain access to a sensitive portion of the system, but the attacker would not have full administrative rights to control the device
| VAR-202002-0706 | CVE-2020-3138 | Cisco Enterprise NFV Infrastructure Software Digital Signature Verification Vulnerability in |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to upload crafted code to the affected device. Cisco Enterprise NFV Infrastructure Software (NFVIS) Exists in a digital signature validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Enterprise NFV Infrastructure Software (NFVIS) is a set of NVF infrastructure software platform of Cisco (Cisco). The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller
| VAR-202002-0618 | CVE-2020-1860 | plural Huawei Product input verification vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. NIP6800 , Secospace USG6600 , USG9500 There is an input verification vulnerability in.Information may be tampered with
| VAR-202002-0606 | CVE-2020-1877 | plural HUAWEI Product vulnerabilities to access to uninitialized pointers |
CVSS V2: 4.9 CVSS V3: 4.4 Severity: MEDIUM |
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. NIP6800 , Secospace USG6600 , USG9500 Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be put into a state
| VAR-202002-0607 | CVE-2020-1881 | plural HUAWEI Product exhaustion vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. NIP6800 , Secospace USG6600 , USG9500 Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state
| VAR-202002-0605 | CVE-2020-1876 | plural Huawei Out-of-bounds write vulnerabilities in the product |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. NIP6800 , Secospace USG6600 , USG9500 Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state