VARIoT IoT vulnerabilities database
| VAR-201910-1351 | CVE-2013-4658 | Belkin Linksys EA6500 Path Traversal Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. Linksys EA6500 contains a path traversal vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. The Belkin Linksys EA6500 is a wireless router from Belkin.
A path traversal vulnerability exists in Linksys EA6500. It is caused by a network system or product failing to properly filter a particular element in a resource or file path, which an attacker could use to access a location outside of a restricted directory.
| VAR-201910-1356 | CVE-2016-2359 | Milesight IP security cameras Authentication vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource. Milesight IP security cameras contain an authentication vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Milesight IP security cameras is an IP camera product of China Milesight Digital Technology (Milesight).
There are security vulnerabilities in Milesight IP security cameras 2016-11-14 and earlier.
| VAR-201910-1353 | CVE-2016-2356 | Milesight IP security cameras classic buffer overflow vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password. Milesight IP security cameras contain a classic buffer overflow vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Milesight IP security cameras is an IP camera product of China Milesight Digital Technology (Milesight). The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow.
| VAR-201910-1355 | CVE-2016-2358 | Milesight IP security cameras Vulnerabilities related to the use of hard-coded credentials |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts. Milesight IP security cameras contain a vulnerability in the use of hard-coded credentials. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. An attacker could use this vulnerability to access these accounts.
| VAR-201910-0663 | CVE-2019-16265 | CODESYS ENI server out-of-bounds write vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. CODESYS ENI server contains an out-of-bounds write vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state.
| VAR-201910-1349 | CVE-2013-4857 | D-Link DIR-865L Blind XPath Injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-865L has PHP File Inclusion in the router xml file. D-Link DIR-865L contains a blind XPath injection vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. D-Link DIR-865L is a wireless router from Taiwan D-Link Corporation.
An unknown vulnerability exists in D-Link DIR-865L. No vulnerability details are provided at this time.
| VAR-201910-1347 | CVE-2013-4855 | D-Link DIR-865L path traversal vulnerability |
CVSS V2: 7.9 CVSS V3: 8.8 Severity: HIGH |
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. D-Link DIR-865L contains a path traversal vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. D-Link DIR-865L is a wireless router from Taiwan D-Link Corporation.
A security vulnerability exists in D-Link DIR-865L, which originates from a misconfiguration in the SMB service. An attacker could use this vulnerability to create a symbolic link to the router file system root.
| VAR-201910-1354 | CVE-2016-2357 | Milesight IP security cameras Vulnerabilities related to the use of hard-coded credentials |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. Milesight IP security cameras contain a vulnerability in the use of hard-coded credentials. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. No details of the vulnerability are currently provided.
| VAR-201910-1871 | No CVE | Command execution vulnerability exists in Dahua camera SSH service |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Zhejiang Dahua Technology Co., Ltd. is a smart IoT solution provider and operation service provider with video as the core.
Dahua camera SSH service has a command execution vulnerability. Attackers can use this vulnerability to obtain camera root execution permissions.
| VAR-201910-1200 | CVE-2019-13652 | TP-Link M7350 device OS command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). The TP-Link M7350 device contains an OS command injection vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command.
| VAR-201910-1187 | CVE-2019-13549 | Rittal Chiller SK 3232-Series Improper access control vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. Carel pCOWeb firmware is vulnerable to a lack of authentication for critical functions. Information may be tampered with. Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal.
| VAR-201910-1196 | CVE-2019-13649 | TP-Link M7350 device OS command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). The TP-Link M7350 device contains an OS command injection vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command.
| VAR-201910-1198 | CVE-2019-13650 | TP-Link M7350 device OS command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). The TP-Link M7350 device contains an OS command injection vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command.
| VAR-201910-1201 | CVE-2019-13653 | TP-Link M7350 device OS command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command.
| VAR-201910-1189 | CVE-2019-13553 | Rittal Chiller SK 3232-Series Trust Management Issue Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point. The Carel pCOWeb firmware contains a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal.
| VAR-201910-1199 | CVE-2019-13651 | TP-Link M7350 device OS command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). The TP-Link M7350 device contains an OS command injection vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command.
| VAR-201910-1185 | CVE-2019-13546 | Philips IntelliSpace Perinatal Unauthorized Access Vulnerability |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user, to break out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. Due to potential Windows vulnerabilities, it may be possible for additional attack methods to be used to escalate privileges on the operating system. IntelliSpace Perinatal contains a vulnerability related to the disclosure of resources to the wrong area. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Philips IntelliSpace Perinatal is a set of information management solutions for obstetric care in the medical industry from Philips in Europe.
An unauthorized access vulnerability exists in Philips IntelliSpace Perinatal K and previous versions.
| VAR-201910-1034 | CVE-2019-18384 | Vulnerability with improper permission assignment to critical resources on TerraMaster FS-210 devices |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring. TerraMaster FS-210 devices are vulnerable to improper assignment of permissions to critical resources. Information may be obtained. TerraMaster F2-210 is an entry-level dual-bay NAS.
TerraMaster F2-210 has an information disclosure vulnerability. An attacker could use this vulnerability to read a shared file without authorization.
| VAR-201911-0268 | CVE-2019-5293 | Vulnerabilities related to lack of effective post-lifetime resource release in multiple Huawei products |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal. Multiple Huawei products are vulnerable to a failure to release resources after their effective lifetime. The service may be put into a denial-of-service (DoS) state. Huawei AR1200 and others are enterprise routers from China's Huawei.
| VAR-201910-1035 | CVE-2019-18385 | Vulnerability related to information disclosure from log files on TerraMaster FS-210 devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring. The TerraMaster FS-210 device contains a vulnerability related to information disclosure from log files. Information may be obtained. TerraMaster F2-210 is an entry-level dual-bay NAS.