VARIoT IoT vulnerabilities database
| VAR-202002-1023 | CVE-2020-8126 | EdgeSwitch Vulnerability related to authority management in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15). EdgeSwitch Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A security vulnerability exists in EdgeSwitch versions prior to 1.7.1. The vulnerability stems from CGI scripts not adequately sanitizing user input. An attacker can exploit this vulnerability to execute local commands and elevate to administrator privileges (Privilege-1 to Privilege-15)
| VAR-202002-0403 | CVE-2019-19356 |
Netis WF2419 In OS Command injection vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-202003-0206 |
CVSS V2: 8.5 CVSS V3: 7.5 Severity: HIGH |
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing. Netis WF2419 To OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Netis WF2419 is a 300Mbps wireless router. The vulnerability stems from a lack of validation of user input
| VAR-202002-1208 | CVE-2020-6768 | plural Bosch Product path traversal vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder of Germany Bosch.
Bosch DIVAR IP 3000 has a path traversal vulnerability
| VAR-202002-0410 | CVE-2019-14044 | plural Snapdragon Product Index Validation Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24. plural Snapdragon The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm SDX24 and so on are the products of American Qualcomm. SDX24 is a modem. SDM630 is a central processing unit (CPU) product. SDM660 is a central processing unit (CPU) product.
The Camera in several Qualcomm products has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. An attacker could use this vulnerability to gain access beyond the scope
| VAR-202002-0411 | CVE-2019-14046 | plural Snapdragon Product Index Validation Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24. plural Snapdragon The product contains a vulnerability in array index validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qualcomm SDX24 and so on are the products of American Qualcomm. SDX24 is a modem. QCS605 is a central processing unit (CPU) product. SDM439 is a central processing unit (CPU) product.
Kernel in Qualcomm QCS605, SDM439 and SDX24 has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. No detailed vulnerability details are provided at this time
| VAR-202002-0413 | CVE-2019-14051 | Qualcomm MDM9206 and MDM9607 Input Validation Error Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607. (DoS) It may be put into a state. Qualcomm MDM9206 and MDM9607 are both a central processing unit (CPU) product from Qualcomm.
Kernel in Qualcomm MDM9206 and MDM9607 has an input validation error vulnerability. The vulnerability stems from a network system or product that did not properly validate the input data. An attacker could use this vulnerability to cause a buffer overflow and so on
| VAR-202002-0484 | CVE-2019-13163 | Interstage and Systemwalker Related product : TLS Vulnerabilities of multiple products in |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. Interstage and Systemwalker Related products etc. TLS For operation TLS Multiple product vulnerabilities related to CVE-2019-13163 ) Exists.A man-in-the-middle attacker between the server and the client could break the encrypted communication
| VAR-202002-0558 | CVE-2013-1202 | Cisco ACE Vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Cisco ACE A2(3.6) allows log retention DoS. An attacker could exploit this vulnerability by sending a large number of SSL connections to an affected device to exhaust the remaining free space on the hard drive, causing a denial of service
| VAR-202002-1700 | No CVE | moxa mb3170 and mb3270 gateways have unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOXA MB3180 / MB3280 / MB3480 series is an advanced Ethernet gateway device produced by Taiwan moxa Technology Co., Ltd.
The MOXA MB3180 / MB3280 / MB3480 series of advanced Ethernet gateways have information disclosure vulnerabilities. Attackers can use the vulnerabilities to launch further attacks.
| VAR-202002-1689 | No CVE | Moxa mb3180 / mb3280 / mb3480 series serial communication server has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOXA MGate is a serial communication server produced by Taiwan moxa Technology Co., Ltd.
The moxa mb3180 / mb3280 / mb3480 series serial communication server has an unauthorized access vulnerability. An attacker can use this vulnerability to reset the system IP, password, and restart the system.
| VAR-202002-1046 | CVE-2020-5720 | MikroTik WinBox Past Traversal Vulnerability in |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack. MikroTik WinBox Exists in a past traversal vulnerability.Information may be tampered with
| VAR-202002-1135 | CVE-2020-7953 | OpServices OpMon Vulnerability regarding lack of authentication for critical features in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered in OpServices OpMon 9.3.2. Without authentication, it is possible to read server files (e.g., /etc/passwd) due to the use of the nmap -iL (aka input file) option. OpServices OpMon There is a vulnerability in the lack of authentication for critical features.Information may be obtained. OpServices OpMon is an IT infrastructure monitoring software from Brazil.
OpServices OpMon has security holes
| VAR-202002-1231 | CVE-2020-6760 | Schmid ZI 620 V400 VPN In the router OS Command injection vulnerabilities |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metacharacters to an entry on the SSH subcommand menu, as demonstrated by ping. Schmid ZI 620 V400 VPN The router has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Schmid ZI 620 V400 VPN 090 Router is a router device. The vulnerability stems from the process of externally inputting data to construct the executable command of the operating system, and the network system or product did not properly filter the special characters and commands in it. The vulnerability executes illegal operating system commands
| VAR-202002-1238 | CVE-2020-8636 | OpServices OpMon Vulnerability regarding lack of authentication for critical features in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution . OpServices OpMon There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
| VAR-202002-1206 | CVE-2020-5856 | plural BIG-IP Product input verification vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default 'xnet' driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. plural BIG-IP The product contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in the F5 BIG-IP. The vulnerability stems from the failure of the network system or product to properly validate the input data. No detailed vulnerability details were provided at this time
| VAR-202002-1204 | CVE-2020-5854 | BIG-IP Input verification vulnerability in |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made. BIG-IP There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected: F5 BIG-IP from version 15.0.0 to version 15.0.1.1, version 14.1.0 to version 14.1.2.2, version 14.0.0 to version 14.0.1, version 13.1.0 to version 13.1.3.1 , version 12.1.0 to version 12.1.5, version 11.6.0 to version 11.6.5.1
| VAR-202002-1136 | CVE-2020-7954 | OpServices OpMon Vulnerability related to authority management in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in OpServices OpMon 9.3.2. Starting from the apache user account, it is possible to perform privilege escalation through the lack of correct configuration in the server's sudoers file, which by default allows the execution of programs (e.g. nmap) without the need for a password with sudo. OpServices OpMon Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
| VAR-202002-1207 | CVE-2020-6767 | Bosch Video Management System path traversal vulnerability |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed. plural Bosch The product contains a past traversal vulnerability.Information may be obtained. Bosch DIVAR IP 3000 is a 3000 series video recorder from the German company Bosch (Bosch). The vulnerability stems from a network system or product failing to properly filter resources or special elements in the file path. An attacker can use this vulnerability to access a location outside the restricted directory
| VAR-202002-1116 | CVE-2020-5319 | plural Dell EMC Product Index Validation Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence. EMC UnityVSA is a virtual EMC Unity storage environment
| VAR-202002-1115 | CVE-2020-5318 | Dell EMC Isilon OneFS Unauthorized authentication vulnerability in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The non-RAN HTTP and WebDAV file-serving components have a vulnerability wherein when either are enabled, and Basic Authentication is enabled for either or both components, files are accessible without authentication. The following products and versions are affected: Dell EMC Isilon OneFS version 8.1.2, version 8.1.0.4, version 8.1.0.3, version 8.0.0.7