VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202002-1023 CVE-2020-8126 EdgeSwitch Vulnerability related to authority management in CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15). EdgeSwitch Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A security vulnerability exists in EdgeSwitch versions prior to 1.7.1. The vulnerability stems from CGI scripts not adequately sanitizing user input. An attacker can exploit this vulnerability to execute local commands and elevate to administrator privileges (Privilege-1 to Privilege-15)
VAR-202002-0403 CVE-2019-19356 Netis WF2419 In OS Command injection vulnerabilities

Related entries in the VARIoT exploits database: VAR-E-202003-0206
CVSS V2: 8.5
CVSS V3: 7.5
Severity: HIGH
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing. Netis WF2419 To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Netis WF2419 is a 300Mbps wireless router. The vulnerability stems from a lack of validation of user input
VAR-202002-1208 CVE-2020-6768 plural Bosch Product path traversal vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder of Germany Bosch. Bosch DIVAR IP 3000 has a path traversal vulnerability
VAR-202002-0410 CVE-2019-14044 plural Snapdragon Product Index Validation Vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24. plural Snapdragon The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm SDX24 and so on are the products of American Qualcomm. SDX24 is a modem. SDM630 is a central processing unit (CPU) product. SDM660 is a central processing unit (CPU) product. The Camera in several Qualcomm products has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. An attacker could use this vulnerability to gain access beyond the scope
VAR-202002-0411 CVE-2019-14046 plural Snapdragon Product Index Validation Vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24. plural Snapdragon The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm SDX24 and so on are the products of American Qualcomm. SDX24 is a modem. QCS605 is a central processing unit (CPU) product. SDM439 is a central processing unit (CPU) product. Kernel in Qualcomm QCS605, SDM439 and SDX24 has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. No detailed vulnerability details are provided at this time
VAR-202002-0413 CVE-2019-14051 Qualcomm MDM9206 and MDM9607 Input Validation Error Vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607. (DoS) It may be put into a state. Qualcomm MDM9206 and MDM9607 are both a central processing unit (CPU) product from Qualcomm. Kernel in Qualcomm MDM9206 and MDM9607 has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. An attacker could use this vulnerability to cause a buffer overflow and so on
VAR-202002-0484 CVE-2019-13163 Interstage and Systemwalker Related product : TLS Vulnerabilities of multiple products in CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. Interstage and Systemwalker Related products etc. TLS For operation TLS Multiple product vulnerabilities related to CVE-2019-13163 ) Exists.A man-in-the-middle attacker between the server and the client could break the encrypted communication
VAR-202002-0558 CVE-2013-1202 Cisco ACE Vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Cisco ACE A2(3.6) allows log retention DoS. An attacker could exploit this vulnerability by sending a large number of SSL connections to an affected device to exhaust the remaining free space on the hard drive, causing a denial of service
VAR-202002-1700 No CVE moxa mb3170 and mb3270 gateways have unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
MOXA MB3180 / MB3280 / MB3480 series is an advanced Ethernet gateway device produced by Taiwan moxa Technology Co., Ltd. The MOXA MB3180 / MB3280 / MB3480 series of advanced Ethernet gateways have information disclosure vulnerabilities. Attackers can use the vulnerabilities to launch further attacks.
VAR-202002-1689 No CVE Moxa mb3180 / mb3280 / mb3480 series serial communication server has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
MOXA MGate is a serial communication server produced by Taiwan moxa Technology Co., Ltd. The moxa mb3180 / mb3280 / mb3480 series serial communication server has an unauthorized access vulnerability. An attacker can use this vulnerability to reset the system IP, password, and restart the system.
VAR-202002-1046 CVE-2020-5720 MikroTik WinBox Past Traversal Vulnerability in CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack. MikroTik WinBox Exists in a past traversal vulnerability.Information may be tampered with
VAR-202002-1135 CVE-2020-7953 OpServices OpMon Vulnerability regarding lack of authentication for critical features in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An issue was discovered in OpServices OpMon 9.3.2. Without authentication, it is possible to read server files (e.g., /etc/passwd) due to the use of the nmap -iL (aka input file) option. OpServices OpMon There is a vulnerability in the lack of authentication for critical features.Information may be obtained. OpServices OpMon is an IT infrastructure monitoring software from Brazil. OpServices OpMon has security holes
VAR-202002-1231 CVE-2020-6760 Schmid ZI 620 V400 VPN In the router OS Command injection vulnerabilities CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping. Schmid ZI 620 V400 VPN The router has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Schmid ZI 620 V400 VPN 090 Router is a router device. The vulnerability stems from the process of externally inputting data to construct the executable command of the operating system, and the network system or product did not properly filter the special characters and commands in it. The vulnerability executes illegal operating system commands
VAR-202002-1238 CVE-2020-8636 OpServices OpMon Vulnerability regarding lack of authentication for critical features in CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution . OpServices OpMon There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
VAR-202002-1206 CVE-2020-5856 plural BIG-IP Product input verification vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. plural BIG-IP The product contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in the F5 BIG-IP. The vulnerability stems from the failure of the network system or product to properly validate the input data. No detailed vulnerability details were provided at this time
VAR-202002-1204 CVE-2020-5854 BIG-IP Input verification vulnerability in CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made. BIG-IP There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: F5 BIG-IP from version 15.0.0 to version 15.0.1.1, version 14.1.0 to version 14.1.2.2, version 14.0.0 to version 14.0.1, version 13.1.0 to version 13.1.3.1 , version 12.1.0 to version 12.1.5, version 11.6.0 to version 11.6.5.1
VAR-202002-1136 CVE-2020-7954 OpServices OpMon Vulnerability related to authority management in CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in OpServices OpMon 9.3.2. Starting from the apache user account, it is possible to perform privilege escalation through the lack of correct configuration in the server's sudoers file, which by default allows the execution of programs (e.g. nmap) without the need for a password with sudo. OpServices OpMon Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
VAR-202002-1207 CVE-2020-6767 Bosch Video Management System path traversal vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder from the German company Bosch (Bosch). The vulnerability stems from a network system or product failing to properly filter resources or special elements in the file path. An attacker can use this vulnerability to access a location outside the restricted directory
VAR-202002-1116 CVE-2020-5319 plural Dell EMC Product Index Validation Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence. EMC UnityVSA is a virtual EMC Unity storage environment
VAR-202002-1115 CVE-2020-5318 Dell EMC Isilon OneFS Unauthorized authentication vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The non-RAN HTTP and WebDAV file-serving components have a vulnerability wherein when either are enabled, and Basic Authentication is enabled for either or both components, files are accessible without authentication. The following products and versions are affected: Dell EMC Isilon OneFS version 8.1.2, version 8.1.0.4, version 8.1.0.3, version 8.0.0.7