VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201910-0295 CVE-2019-5699 NVIDIA Shield TV Experience Buffer error vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges. NVIDIA SHIELD TV entertainment console is a living room entertainment device released by NVIDIA. This vulnerability originates from incorrect boundary checks performed by programs
VAR-201910-0940 CVE-2019-15023 Zingbox Inspector Vulnerabilities related to clearing important information in plaintext CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in passwords for 3rd party integrations being stored in cleartext in device configuration. Zingbox Inspector Contains a vulnerability in the clearing of important information.Information may be obtained. An attacker could use this vulnerability to obtain third-party integrated user credentials. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks, USA. There are security vulnerabilities in Palo Alto Networks Zingbox Inspector 1.294 and earlier
VAR-201910-0659 CVE-2019-14570 Intel(R) NUC Buffer error vulnerability CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Memory corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Intel(R) NUC Contains a buffer error vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Intel NUC Kit is a small desktop computer from Intel Corporation of the United States. A memory corruption vulnerability exists in the Intel NUC system firmware. A local attacker could use this vulnerability to elevate privileges, cause a denial of service, and / or obtain information
VAR-201910-0658 CVE-2019-14569 Intel(R) NUC Buffer error vulnerability CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Pointer corruption in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Intel(R) NUC Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel NUC Kit is a small desktop computer from Intel Corporation of the United States. A pointer corruption vulnerability exists in the Intel NUC system firmware. A local attacker could use this vulnerability to elevate privileges, cause a denial of service, and / or obtain information
VAR-201910-0934 CVE-2019-15017 Zingbox Inspector Vulnerabilities related to the use of hard-coded credentials CVSS V2: 7.2
CVSS V3: 8.4
Severity: HIGH
The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials. Zingbox Inspector Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks, USA. A trust management issue vulnerability exists in Palo Alto Networks Zingbox Inspector 1.294 and earlier. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use the default password or hard-coded passwords, hard-coded certificates, etc. to attack the affected components
VAR-201910-0939 CVE-2019-15022 Zingbox Inspector Vulnerabilities in spoofing authentication bypass CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for the Inspector to be susceptible to ARP spoofing. An attacker could use this vulnerability to obtain sensitive information or cause a denial of service. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks, USA. Attackers can use this vulnerability to perform ARP spoofing attacks
VAR-201910-0933 CVE-2019-15016 Palo Alto Networks Zingbox Inspector SQL injection vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
An SQL injection vulnerability exists in the management interface of Zingbox Inspector versions 1.288 and earlier, that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database. Zingbox Inspector Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks, USA. The vulnerability stems from the lack of validation of externally entered SQL statements by database-based applications. An attacker could use this vulnerability to execute illegal SQL commands
VAR-201910-1659 CVE-2019-0072 Juniper Networks SBR Carrier Vulnerable to information leak from cache CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. This issue affects: Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R13; 8.5.0 versions prior to 8.5.0R4. Juniper Networks SBR Carrier is a set of AAA (Authentication, Authorization and Accounting) servers suitable for operators from Juniper Networks. The product mainly provides functions such as network resource management, user access control, and billing
VAR-201910-1261 CVE-2019-17373 plural NETGEAR Authentication vulnerabilities in devices CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2. plural NETGEAR The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NETGEAR MBR1515 is a wireless router of NETGEAR. A number of NETGEAR products have authorization issues. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. There is currently no detailed vulnerability details provided
VAR-201910-0937 CVE-2019-15020 Zingbox Inspector Injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection. Zingbox Inspector Contains an injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks. There are security vulnerabilities in Palo Alto Networks Zingbox Inspector 1.293 and earlier. The vulnerability originates from the operation of the user to enter a construction command, data structure, or record. The network system or product failed to properly verify the user's input data. The special elements were not filtered or incorrectly filtered out, which caused the system or product to generate. Wrong parsing or interpretation. The vulnerability stems from the network system or product improperly restricting access to resources from unauthorized roles
VAR-201910-0936 CVE-2019-15019 Palo Alto Networks Zingbox Inspector Input Validation Error Vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector. Zingbox Inspector Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT Control Center solution from Palo Alto Networks. The vulnerability stems from network systems or products that did not properly validate the input data. No detailed vulnerability details are provided at this time
VAR-201910-0938 CVE-2019-15021 Zingbox Inspector Information Disclosure Vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network. Zingbox Inspector Contains an information disclosure vulnerability.Information may be obtained. Palo Alto Networks Zingbox Inspector is a locally deployed device in a Zingbox IoT Command Center IoT control center solution from Palo Alto Networks. A code issue vulnerability exists in Palo Alto Networks Zingbox Inspector 1.294 and earlier. The vulnerability stems from errors in the configuration of network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information about the affected components
VAR-201910-1260 CVE-2019-17372 plural NETGEAR Authentication vulnerabilities in devices CVSS V2: 4.3
CVSS V3: 8.1
Severity: HIGH
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L. plural NETGEAR The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NETGEAR AC1450, etc. are all wireless routers of NETGEAR. A number of NETGEAR products have authorization issues. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. There is currently no detailed vulnerability details provided
VAR-201910-1280 CVE-2019-17353 D-Link DIR-615 Authentication vulnerabilities in device firmware CVSS V2: 6.4
CVSS V3: 8.2
Severity: HIGH
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. D-Link DIR-615 There is an authentication vulnerability in the device firmware.Information may be obtained and information may be altered. D-Link DIR-615 is a wireless router from D-Link, Taiwan. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products
VAR-201910-1281 CVE-2019-17354 Zyxel NBG-418N v2 Vulnerabilities related to authentication in firmware CVSS V2: 7.5
CVSS V3: 9.4
Severity: CRITICAL
wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page. Zyxel NBG-418N v2 Authentication firmware contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZyXEL NBG-418N v2 is a wireless router from China ZyXEL (ZyXEL) company. The wan.htm page in Zyxel NBG-418N v2 using V1.00 (AARP.9) C0 firmware has an authorization issue vulnerability. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. There is currently no detailed vulnerability details provided
VAR-201910-0296 CVE-2019-5700 NVIDIA Shield TV Experience Input validation vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. NVIDIA SHIELD TV entertainment console is a living room entertainment device released by NVIDIA. Attackers can use this vulnerability to execute code, cause denial of service, elevate permissions, and leak information
VAR-201910-1692 CVE-2019-9530 Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. CVE-2019-9534 This product does not perform firmware image verification. Additionally, a development script left in the firmware allows you to upload and run a custom firmware image. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534
VAR-201910-0320 CVE-2019-9534 Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. This could allow a remote attacker to access the device and execute these commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534
VAR-201910-0319 CVE-2019-9533 Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. Therefore, an attacker within the local network can Web The portal may be accessed and settings may be changed. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. CVE-2019-9532 Of the product Web The interface sends the password for login in clear text. Therefore, password information may be stolen by an attacker within the local network. CVE-2019-9534 This product does not perform firmware image verification. Additionally, a development script left in the firmware allows you to upload and run a custom firmware image. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534
VAR-201910-0318 CVE-2019-9532 Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal CVSS V2: 2.1
CVSS V3: 7.8
Severity: HIGH
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal. CERT/CC researchers examined the satcom terminal Cobham EXPLORER 710 as an expansion of work from IOActive’s findings in 2014. Cobham EXPLORER 710 is a portable satellite communications terminal used for satellite communications and Internet access. Cobham EXPLORER 710 The following multiple vulnerabilities exist in. CVE-2019-9529 Of the product Web The interface does not require authentication in its default state. CVE-2019-9530 There are no access restrictions on the document root directory of the product. Therefore, arbitrary files may be accessed by an attacker within the local network. CVE-2019-9531 Of the product 5454/tcp without authenticating to the port telnet connection is possible and telnet After connecting, 86 kind of Attention (AT) It is possible to execute commands. CVE-2019-9533 Firmware of the product v1.08 and all previous versions, the same root A password is used. By analyzing any applicable version of the firmware, an attacker can root It is possible to steal passwords. CVE-2019-9534 This product does not perform firmware image verification. Additionally, a development script left in the firmware allows you to upload and run a custom firmware image. Therefore, attackers within the local network can install tampered firmware, modify or steal communication content, install backdoors, and disrupt service operations. (DoS) Attacks may occur. In addition CERT/CC According to WiFi Because the password is set as HTTP It lacks headers and is also vulnerable to cross-site scripting and clickjacking attacks. These vulnerabilities are 2014 carried out in IOActive ’ s findings As a series of studies on CERT/CC newly discovered by researchers.The potential impact will vary for each vulnerability, but you may be affected by: * Leakage or falsification of information - CVE-2019-9529 , CVE-2019-9530 , CVE-2019-9531 , CVE-2019-9532 , CVE-2019-9533 , CVE-2019-9534* Execute arbitrary command - CVE-2019-9531* Service operation interruption (DoS) - CVE-2019-9534