VARIoT IoT vulnerabilities database

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings. D-Link DIR-823G The device firmware contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-823G is a wireless router from D-Link Corporation of Taiwan, China. A command injection vulnerability exists in the D-Link DIR-823G. The vulnerability stems from the external input data constructing executable commands, and the network system or product fails to properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command

cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh. Vera Edge Home Controller is a smart home central control unit. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Interface field to SetStaticRouteSettings. D-Link DIR-823G The device firmware contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-823G is a wireless router from D-Link Corporation of Taiwan, China. A command injection vulnerability exists in the D-Link DIR-823G. The vulnerability stems from the external input data constructing executable commands, and the network system or product fails to properly filter the special elements. An attacker could exploit this vulnerability to execute an illegal command

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the LoginPassword field to Login. D-Link DIR-823G The device firmware contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-823G is a wireless router from D-Link Corporation of Taiwan, China. A command injection vulnerability exists in the D-Link DIR-823G. The vulnerability stems from the external input data constructing executable commands, and the network system or product fails to properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command

An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Username field to Login. D-Link DIR-823G The device firmware contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-823G is a wireless router from D-Link Corporation of Taiwan, China. A command injection vulnerability exists in the D-Link DIR-823G. The vulnerability stems from the external input data constructing executable commands, and the network system or product fails to properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command

An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang. Both Motorola CX2L MWR04L and Motorola C1 MWR03 are wireless routers produced by Motorola. OpenWrt libuci in Motorola CX2L MWR04L version 1.01 and Motorola C1 MWR03 version 1.01 has an input validation error vulnerability, which is caused by the program not properly handling the lock of /tmp/.uci/network after receiving a long SetWanSettings command. An attacker could exploit this vulnerability to hang the device

Domoticz 4.10717 has XSS via item.Name. Domoticz Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Domoticz is an open source smart home system. The system supports the monitoring and control of a variety of smart home devices. A cross-site scripting vulnerability exists in Domoticz version 4.10717 that could allow an attacker to execute client-side code

Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring. Cuberite Contains a path traversal vulnerability.Information may be obtained. Cuberite is a lightweight, scalable multiplayer server written in C++. A path traversal vulnerability exists in versions of Cuberite 2019-06-11 that could allow an attacker to gain access to a location outside of a restricted directory

Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. Ignite Realtime Openfire Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Ignite Realtime Openfire is a cross-platform open source real-time collaboration (RTC) server based on XMPP (formerly known as Jabber, instant messaging protocol) developed by Java in the Ignite Realtime community. It can build an efficient instant messaging server and support tens of thousands. The number of concurrent users

Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP. When a cable television provider sets up Smart TV Box at an individual residence, direct access from outside to the LAN side interface of Smart TV Box is disabled. However if the original setting is changed later, for example, LAN side interface connection to internet directly is enabled, access to Android Debug Bridge via port 5555/TCP of LAN side interface becomes enabled. Yoshiki Mori and Masaki Kubo of Cybersecurity Laboratory, National Institute of Information and Communications Technology reported this vulnerability to IPA

Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods. Fortinet FortiManager Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Fortinet FortiManager and Fortinet FortiManager VM are products of Fortinet. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOMs) to further simplify multi-device security deployment and management. Fortinet FortiManager VM is a centralized network security management platform for virtual machines. The platform can group devices into different management domains (ADOMs) for secure deployment and management. There is a security vulnerability in Fortinet FortiManager VM versions before 6.2.0 and 6.0.6. The vulnerability is caused by the lack of root file system integrity check in the program. An attacker could exploit this vulnerability to inject third-party programs

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. TP-Link TL-WR840N v4 The router firmware contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TTP-Link TL-WR840N is a wireless router from China Unicom (TP-Link). TP-Link TL-WR840N has an input validation error vulnerability. An attacker could exploit the vulnerability to execute arbitrary code

A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption. This exposed the default username and password used to authenticate to the MQTT broker. This issue affects Hickory Smart Ethernet Bridge, model number H077646. The firmware does not appear to contain versioning information

Shenzhen Lucky Tenda Technology Co., Ltd. is one of the first pioneers in China's wireless network field. Tenda W20E V15.11.0.6_CN has a command execution vulnerability, which can be used by an attacker to gain server permissions.

Shenzhen Lucky Tenda Technology Co., Ltd. is one of the first pioneers in China's wireless network field. Tenda W20E V15.11.0.6_CN has a command execution vulnerability, which can be used by an attacker to gain server permissions.

D-Link Dir-816 is a wireless router. The D-Link Dir-816 management system has an unauthorized access vulnerability that could be exploited by an attacker to execute arbitrary code.

D-Link Dir-859 is a wireless router. The D-Link Dir-859 management system has a command execution vulnerability that can be used by an attacker to execute arbitrary code.

Shenzhen Lucky Tenda Technology Co., Ltd. is one of the first pioneers in China's wireless network field. Tenda W20E V15.11.0.6_CN has a command execution vulnerability, which can be used by an attacker to gain server permissions.

Hangzhou DPtech Technology Co., Ltd. is a high-tech listed company integrating research and development, production and sales in the field of network security and application delivery. DPtech SSL VPN has a file containing a vulnerability that could be used by an attacker to gain sensitive information.

A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. ProSyst Softoware mBS SDK is a software development kit for OSGi application development by German ProSyst Softoware company. The vulnerability stems from a network system or product's failure to properly filter special elements in a resource or file path. An attacker could use this vulnerability to access locations outside the restricted directory