VARIoT IoT vulnerabilities database


VAR-202503-3418 No CVE TP-Link Technology Co., Ltd. TL-R480GPM-AC has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
TL-R480GPM-AC is a router. TL-R480GPM-AC of TP-Link Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202503-3417 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Beijing StarNet Ruijie Network Technology Co., Ltd. is an industry-leading ICT infrastructure and industry solution provider. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions. Beijing StarNet Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202503-3552 No CVE Linksys E5600 has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Linksys E5600 is a router product. Linksys E5600 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-2734 CVE-2025-25635 Classic buffer overflow vulnerability in TOTOLINK A3002R firmware CVSS V2: 7.7
CVSS V3: 8.0
Severity: HIGH
TOTOLINK A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from improper input validation of the pppoe_dns1 parameter in the formIpv6Setup interface of /bin/boa. TOTOLINK A3002R firmware contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A3002R is a wireless router from China's TOTOLINK Electronics. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202502-2112 CVE-2025-25610 Classic buffer overflow vulnerability in TOTOLINK A3002R firmware CVSS V2: 8.3
CVSS V3: 8.0
Severity: HIGH
TOTOLINK A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa. TOTOLINK A3002R firmware contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A3002R is a wireless router from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202502-2113 CVE-2025-25609 Classic buffer overflow vulnerability in TOTOLINK A3002R firmware CVSS V2: 8.3
CVSS V3: 8.0
Severity: HIGH
TOTOLINK A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from improper input validation of the static_ipv6 parameter in the formIpv6Setup interface of /bin/boa. TOTOLINK A3002R firmware contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A3002R is a wireless router from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202502-2738 CVE-2025-25429 Cross-site scripting vulnerability in TRENDnet TEW-929DRU CVSS V2: 4.1
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-929DRU 1.0.0.10 contains a stored cross-site scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page. TRENDnet TEW-929DRU contains a cross-site scripting vulnerability. Information may be obtained or tampered with. TRENDnet TEW-929DRU is a wireless router from TRENDnet, an American company. Attackers can exploit this vulnerability to execute arbitrary web scripts or HTML by injecting carefully designed payloads.
VAR-202502-2917 CVE-2025-25428 Vulnerability related to the use of hard-coded passwords in TRENDnet TEW-929DRU CVSS V2: 7.7
CVSS V3: 8.0
Severity: HIGH
TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. TRENDnet TEW-929DRU contains a vulnerability related to the use of hardcoded passwords. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TRENDnet TEW-929DRU is a wireless router from TRENDnet, an American company.
VAR-202502-3463 CVE-2025-25431 Cross-site scripting vulnerability in TRENDnet TEW-929DRU CVSS V2: 4.8
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-929DRU 1.0.0.10 contains a stored cross-site scripting (XSS) vulnerability via the ssid key of the wifi_data parameter on the /captive_portal.htm page. TRENDnet TEW-929DRU contains a cross-site scripting vulnerability. Information may be obtained or tampered with. TRENDnet TEW-929DRU is a wireless router from TRENDnet, an American company. Attackers can exploit this vulnerability to execute arbitrary web scripts or HTML by injecting carefully designed payloads.
VAR-202502-2737 CVE-2025-25430 Cross-site scripting vulnerability in TRENDnet TEW-929DRU CVSS V2: 4.8
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-929DRU 1.0.0.10 contains a stored cross-site scripting (XSS) vulnerability via the configname parameter on the /cbi_addcert.htm page. TRENDnet TEW-929DRU is a wireless router from TRENDnet, an American company. Attackers can exploit this vulnerability to execute arbitrary web scripts or HTML by injecting carefully designed payloads.
VAR-202502-2307 CVE-2025-26263 GeoVision ASManager Windows Application Credential Disclosure Vulnerability CVSS V2: 5.0
CVSS V3: 5.1
Severity: MEDIUM
The GeoVision ASManager Windows desktop application, version 6.1.2.0 or earlier (fixed in 6.2.0), is vulnerable to credential disclosure due to improper memory handling in the ASManagerService.exe process. GeoVision ASManager (GV-ASManager) is an access control system developed by GeoVision, a Chinese company. An attacker could exploit this vulnerability to obtain sensitive information.
VAR-202502-3844 No CVE Beijing Huali Chuangtong Technology Co., Ltd. 6100 satellite mobile terminal has a command execution vulnerability CVSS V2: 8.3
CVSS V3: -
Severity: HIGH
Beijing Huali Chuangtong Technology Co., Ltd. (hereinafter referred to as Huali Chuangtong) is a leader in information technology and innovative applications for domestic defense, government and industry. Beijing Huali Chuangtong Technology Co., Ltd.'s 6100 satellite mobile terminal has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-3858 No CVE RICOH MP C4504e of Ricoh (China) Investment Co., Ltd. has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
RICOH MP C4504e is a printer. RICOH MP C4504e of Ricoh (China) Investment Co., Ltd. has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-3863 No CVE RICOH IM C300 has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
RICOH IM C300 is a color digital multifunction printer. RICOH IM C300 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-3864 No CVE Yaskawa Electric (China) Co., Ltd. Yaskawa MP2310 motion controller has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Yaskawa Electric (China) Co., Ltd. is a company that provides overall solutions. Yaskawa Electric (China) Co., Ltd.'s Yaskawa MP2310 motion controller has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-202502-3806 No CVE HP LaserJet M211dw of HP Trading (Shanghai) Co., Ltd. has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
HP LaserJet M211dw is a printer product. HP LaserJet M211dw of HP Trading (Shanghai) Co., Ltd. has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-3859 No CVE Multiple routers from Shanghai Feixun Data Communication Technology Co., Ltd. have command execution vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
FIR303B is a wireless router produced in mainland China. FIR304D is a wireless router. HGE318 is a wireless router. Multiple routers from Shanghai Feixun Data Communication Technology Co., Ltd. have a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.
VAR-202502-3861 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Beijing StarNet Ruijie Network Technology Co., Ltd. is an industry-leading ICT infrastructure and industry solution provider. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions. Beijing StarNet Ruijie Network Technology Co., Ltd. RG-UAC-6000-E20 has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-3860 No CVE Shenzhen Samkoon Technology Co., Ltd. Samkoon FGRS-C8X8T-4/4PLC has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Shenzhen Samkoon Technology Co., Ltd. is a provider of industrial automation solutions. Shenzhen Samkoon Technology Co., Ltd. Samkoon FGRS-C8X8T-4/4PLC has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-202502-3527 CVE-2024-51139 Classic buffer overflow vulnerability in multiple DrayTek Corporation products CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165/166 4.2.7 and earlier and Vigor2135/2765/2766 4.4.5.1 and earlier and Vigor2865/2866/2927 4.4.5.3 and earlier and Vigor2962/3910 4.3.2.8/4.4.3.1 and earlier and Vigor3912 4.3.6.1 and earlier allows a remote attacker to execute arbitrary code via the CGI parser's handling of the "Content-Length" header of HTTP POST requests. Multiple DrayTek Corporation products (vigor2620 firmware, vigorlte200 firmware, vigor2860 firmware, etc.) contain a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).