VARIoT IoT vulnerabilities database
| VAR-202503-0080 | CVE-2025-1852 | Classic buffer overflow vulnerability in TOTOLINK EX1800T firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. TOTOLINK EX1800T firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK EX1800T is a Wi-Fi range extender from China's TOTOLINK Electronics.
Totolink EX1800T has a buffer overflow vulnerability, which is caused by the loginAuth function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code or cause a denial of service.
| VAR-202503-0215 | CVE-2025-1851 | Buffer error vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC7 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The Shenzhen Tenda Technology Co.,Ltd. AC7 firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
In Tenda AC7 15.03.06.44 and earlier versions, the formSetFirewallCfg function of the /goform/SetFirewallCfg file has a stack overflow vulnerability when processing the firewallEn parameter. The vulnerability is caused by the program's failure to check the parameter length. Attackers can use this vulnerability to launch attacks remotely and achieve code execution.
| VAR-202503-2229 | CVE-2025-20647 | NULL pointer dereference vulnerability in multiple MediaTek products such as NR12A |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00791311 / MOLY01067019; Issue ID: MSV-2721. Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software.
| VAR-202503-1450 | CVE-2025-20644 | Vulnerability in MediaTek's NR15 and NR16 |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747. An unspecified vulnerability exists in MediaTek's NR15 and NR16. Service operation may be interrupted (DoS).
| VAR-202503-0052 | No CVE | (0Day) Delta Electronics ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DVP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
| VAR-202503-0044 | No CVE | (0Day) Delta Electronics ISPSoft CBDGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBDGL files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
| VAR-202503-0220 | No CVE | (0Day) Delta Electronics ISPSoft DVP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DVP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process.
| VAR-202503-3930 | No CVE | TOSHIBA e-STUDIO2508A and TOSHIBA e-STUDIO4518A have unauthorized access vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TOSHIBA e-STUDIO2508A is a black and white laser digital printer, copy and color scanner. TOSHIBA e-STUDIO4518A is a black and white digital multifunction printer.
TOSHIBA e-STUDIO2508A and TOSHIBA e-STUDIO4518A have unauthorized access vulnerabilities that can be exploited by attackers to obtain sensitive information.
| VAR-202503-0082 | CVE-2025-1829 | OS command injection vulnerability in TOTOLINK X18 firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been declared as critical. This vulnerability affects the function setMtknatCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mtkhnatEnable leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. An OS command injection vulnerability exists in the TOTOLINK X18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK X18 is a Gigabit router from China's TOTOLINK Electronics. No detailed vulnerability details are provided at present.
| VAR-202503-0050 | CVE-2025-1819 | Command injection vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC7 firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lan_ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. An OS command injection vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the TendaTelnet function in the /goform/telnet file failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution.
| VAR-202503-0075 | CVE-2025-1814 | Buffer error vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC6 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The Shenzhen Tenda Technology Co.,Ltd. AC6 firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AC6 is a dual-band wireless router produced by China's Tenda Company in 2016. Manipulating the parameter wpapsk_crypto causes a stack-based buffer overflow, and attackers can exploit this vulnerability to execute arbitrary code.
| VAR-202503-0084 | CVE-2025-1800 | Command injection vulnerability in D-Link Systems, Inc. DAR-7000 firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function get_ip_addr_details of the file /view/vpn/sxh_vpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. The D-Link Systems, Inc. DAR-7000 firmware contains a command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DAR-7000 is an Internet behavior management and auditing gateway device that provides Internet behavior management and auditing functions.
D-Link DAR-7000 has a command injection vulnerability, which stems from the fact that the ethname parameter of the get_ip_addr_details function in the /view/vpn/sxh_vpn/sxh_vpnlic.php file is not properly filtered or validated. No detailed vulnerability details are currently available.
| VAR-202503-3418 | No CVE | TP-Link Technology Co., Ltd. TL-R480GPM-AC has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
TL-R480GPM-AC is a router.
TL-R480GPM-AC of TP-Link Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
| VAR-202503-3417 | No CVE | Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Beijing StarNet Ruijie Network Technology Co., Ltd. is an industry-leading ICT infrastructure and industry solution provider. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions.
Beijing StarNet Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
| VAR-202503-3932 | No CVE | Samsung (China) Investment Co., Ltd. Samsung sl-j3520w has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Samsung (China) Investment Co., Ltd. is a company whose main business is: televisions, wires, audio-visual accessories, communication accessories, computers, computer network equipment, etc.
Samsung (China) Investment Co., Ltd. Samsung sl-j3520w has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202503-3553 | No CVE | MIKAPU Bluetooth model of Mikasha (Shenzhen) Technology Co., Ltd. has a logic defect vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Mikasha (Shenzhen) Technology Co., Ltd. is a technology company that focuses on the research and development and production of smart drinking water equipment.
Mikasha (Shenzhen) Technology Co., Ltd.'s MIKAPU Bluetooth model has a logic defect vulnerability, which can be exploited by attackers to unlock the water cup via Bluetooth and send Bluetooth commands to delete the user's fingerprint.
| VAR-202503-4054 | No CVE | Beijing Digital China Cloud Technology Co., Ltd. DCME-320 has an arbitrary file deletion vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
DCME-320 is a high-performance Internet egress gateway.
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 has an arbitrary file deletion vulnerability, which can be exploited by attackers to delete arbitrary files.
| VAR-202503-3552 | No CVE | Linksys E5600 has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Linksys E5600 is a router product.
Linksys E5600 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
| VAR-202503-4055 | No CVE | TP-Link Technology Co., Ltd. TL-R479GP-AC has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
TL-R479GP-AC is an enterprise router from TP-Link Technologies Co., Ltd.
TL-R479GP-AC from TP-Link Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
| VAR-202503-2887 | No CVE | Red Lion SIXNET SYS-800-021 has a command injection vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Red Lion is an American company, Red Lion Controls, which provides a complete line of high-performance products to meet the needs of global customers.
Red Lion SIXNET SYS-800-021 has a command injection vulnerability that can be exploited by attackers to gain server privileges.