VARIoT IoT vulnerabilities database
| VAR-202009-0480 | CVE-2019-16017 | Cisco Unified Customer Voice Portal Input confirmation vulnerability |
CVSS V2: 4.0 CVSS V3: 6.8 Severity: MEDIUM |
A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The vulnerability is due to insufficient input validation on specific pages of the OAMP application. An attacker could exploit this vulnerability by authenticating to Cisco Unified CVP and sending crafted HTTP requests. A successful exploit could allow an attacker with administrator or read-only privileges to learn information outside of their expected scope. An attacker with administrator privileges could modify certain configuration details of resources outside of their defined scope, which could result in a denial of service (DoS) condition. Cisco Unified Customer Voice Portal (CVP) Is vulnerable to input validation.Denial of service (DoS) It may be put into a state
| VAR-202009-0489 | CVE-2019-16007 | Android for Cisco AnyConnect Secure Mobility Client Vulnerability for inadequate validation of data reliability in |
CVSS V2: 5.8 CVSS V3: 7.1 Severity: HIGH |
A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application
| VAR-202009-0479 | CVE-2019-16009 | Cisco IOS and IOS XE Cross-site request forgery vulnerability in software |
CVSS V2: 7.6 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user. If the user has administrative privileges, the attacker could alter the configuration, execute commands, or reload an affected device. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment
| VAR-202001-0698 | CVE-2019-15255 | Cisco Identity Services Engine Vulnerabilities related to lack of authentication |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information. Cisco Identity Services Engine (ISE) Vulnerable to a lack of authentication.Information may be obtained. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies
| VAR-202009-0488 | CVE-2019-16004 | Cisco Vision Dynamic Signage Director Vulnerability regarding lack of authentication for critical features in |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerability by sending a request to one of the affected calls. A successful exploit could allow the attacker to interact with some parts of the API
| VAR-202001-0502 | CVE-2019-16005 | Cisco Webex Video Mesh Vulnerability in injection |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node. Cisco Webex Video Mesh Contains an injection vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state
| VAR-202001-0492 | CVE-2019-16024 | Cisco Crosswork Change Automation Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco Crosswork Change Automation Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified
| VAR-202001-0719 | CVE-2019-18386 | Unisys ClearPath Forward Libra and ClearPath MCP Software Series Input validation vulnerability |
CVSS V2: 5.8 CVSS V3: 8.7 Severity: HIGH |
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel. Remote attackers can exploit this vulnerability to cause system failure and other damage
| VAR-202001-1693 | CVE-2020-5841 | OpServices OpMon In SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in OpServices OpMon 9.3.1-1. Using password change parameters, an attacker could perform SQL injection without authentication. OpServices OpMon In SQL An injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state
| VAR-202001-1983 | No CVE | RICOH SP 4510SF Printer HTML Injection Vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
RICOH SP 4510SF Printer is a printer.
RICOH SP 4510SF Printer has an HTML injection vulnerability. An attacker could use the vulnerability to execute arbitrary code.
| VAR-202001-1473 | CVE-2019-10578 | plural Snapdragon In products NULL Pointer dereference vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon Products include NULL A vulnerability exists in pointer dereferencing.Denial of service (DoS) May be in a state. Qualcomm MDM9206, etc. are all products of Qualcomm (Qualcomm). MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX20 is a modem.
Video in many Qualcomm products has an input verification error vulnerability. A remote attacker can use a specially crafted clip file to exploit the vulnerability to cause a denial of service
| VAR-202001-0301 | CVE-2019-18652 | WatchGuard XMT515 Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link. The payload was tested in Microsoft Internet Explorer 11.418.18362.0 and Microsoft Edge 44.18362.387.0 (Microsoft EdgeHTML 18.18362). WatchGuard XMT515 Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified. WatchGuard XMT515 is a firewall router product of WatchGuard Company in the United States.
WatchGuard XMT515 12.1.3 and earlier versions have cross-site scripting vulnerabilities. The vulnerability stems from the lack of proper validation of client data by web applications. An attacker could use this vulnerability to execute client code
| VAR-202001-1493 | CVE-2019-10548 | plural Snapdragon Products use free memory vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Qualcomm MSM8996AU, etc. are all a central processing unit (CPU) product of Qualcomm.
HLOS Data in many Qualcomm products has a resource management error vulnerability. Local attackers can use this vulnerability to execute arbitrary code or cause a denial of service by sending a specially crafted request
| VAR-202001-1314 | CVE-2014-5209 | NTP Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information. NTP Contains an information disclosure vulnerability.Information may be obtained. Network Time Protocol (NTP, Network Time Protocol) is a network protocol that synchronizes the clocks of two computers by exchanging data packets. This vulnerability stems from configuration errors in network systems or products during operation
| VAR-202001-0504 | CVE-2019-16154 | FortiAuthenticator WEB UI Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
An improper neutralization of input during web page generation in FortiAuthenticator WEB UI 6.0.0 may allow an unauthenticated user to perform a cross-site scripting attack (XSS) via a parameter of the logon page. FortiAuthenticator WEB UI Contains a cross-site scripting vulnerability.The information may be obtained and the information may be falsified
| VAR-202001-1478 | CVE-2019-10583 | plural Snapdragon Products use free memory vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130. plural Snapdragon The product contains a vulnerability related to the use of freed memory.Information is acquired, information is falsified, and denial of service (DoS) May be in a state
| VAR-202001-1975 | No CVE | KPS2204-2T4D-L3-L3 Command Execution Vulnerability |
CVSS V2: 6.5 CVSS V3: - Severity: MEDIUM |
KPS2204-2T4D-L3-L3 is a protocol converter device that integrates Ethernet and serial data transmission.
KPS2204-2T4D-L3-L3 has a command execution vulnerability. An attacker can use this vulnerability to gain root privileges on the device.
| VAR-202001-0497 | CVE-2019-16272 | DTEN D5 and D7 Unauthorized authentication vulnerabilities in devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge (adb) enablement. DTEN D5 and D7 The device contains an incorrect authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. DTEN D5 and DTEN D7 are both a stylus from DTEN.
DTEN D5 and D7 security vulnerabilities in versions prior to 1.3.4. An attacker could use this vulnerability to obtain information (including Zoom conference content)
| VAR-202001-0313 | CVE-2019-20348 | OKER G232V1 In the device OS Command injection vulnerability |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks. OKER G232V1 Devices include: OS A command injection vulnerability exists.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. OKER G232V1 is a network camera.
An access control error vulnerability exists in OKER G232V1 v1.03.02.20161129. The vulnerability stems from a network system or product that did not properly restrict access to resources from unauthorized roles
| VAR-202001-0499 | CVE-2019-16274 | DTEN D5 and D7 Lack of encryption of sensitive data on device vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data files via unencrypted HTTP. DTEN D5 and D7 The device is vulnerable to a lack of encryption of sensitive data.Information may be obtained. DTEN D5 and DTEN D7 are both a stylus from DTEN. An attacker could use this vulnerability to access PDF files or other sensitive files on a shared whiteboard