VARIoT IoT vulnerabilities database


VAR-201908-0080 CVE-2019-5034 Nest Cam IQ Indoor Vulnerable to out-of-bounds reading CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vulnerability. Nest Cam IQ Indoor contains an out-of-bounds read vulnerability. Information may be obtained. An attacker could use this vulnerability to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations
VAR-201908-0081 CVE-2019-5035 Nest Cam IQ Indoor Authentication vulnerability CVSS V2: 6.8
CVSS V3: 9.0
Severity: CRITICAL
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability. Google Nest Cam IQ Indoor is an indoor camera from Google in the United States
VAR-201908-0082 CVE-2019-5036 Google Nest Cam IQ Indoor Access Control Error Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packet can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability
VAR-201908-0083 CVE-2019-5037 Google Nest Cam IQ Indoor Input Validation Error Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger
VAR-201908-0042 CVE-2019-6178 Iomega and LenovoEMC NAS Vulnerable to information disclosure CVSS V2: 4.3
CVSS V3: 5.3
Severity: MEDIUM
An information leakage vulnerability in Iomega and LenovoEMC NAS products could allow disclosure of some device details such as Share names through the device API when Personal Cloud is enabled. This does not allow read, write, delete, or any other access to the underlying file systems and their contents. Iomega and LenovoEMC NAS contain an information disclosure vulnerability. Information may be obtained. LenovoEMC px12-350r is a network storage device of LenovoEMC. An attacker could exploit this vulnerability to disclose device details. The following products and versions are affected: px12-350r version 4.0.24.34808; ix12-300r version 4.0.24.34808; HMNHD (Home Media Network Hard Drive) (Cloud Edition) version 3.2.16.30221; StorCenter ix2-200 (Cloud Edition) version 3.2.16.30221; StorCenter ix4-200d (Cloud Edition) version 3.2.16.30221; StorCenter ix2-200 version 2.1.50.30227; StorCenter ix4-200d version 2.1.50.30227; StorCenter ix4-200rl version 2.1.50.30227
VAR-201909-0865 CVE-2019-13953 YI M1 Mirrorless Camera Authentication vulnerability CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
An exploitable authentication bypass vulnerability exists in the Bluetooth Low Energy (BLE) authentication module of YI M1 Mirrorless Camera V3.2-cn. An attacker can send a set of BLE commands to trigger this vulnerability, resulting in sensitive data leakage (e.g., personal photos). An attacker can also control the camera to record or take a picture after bypassing authentication. Xiaoyi micro single camera M1 is a micro single camera with built-in Bluetooth and wireless functions that can transfer photos to mobile phones. YI Technology M1 Mirrorless Camera is a digital camera produced by China YI Technology Company
VAR-201910-0278 CVE-2019-5043 Google Nest Cam IQ Indoor Resource Management Error Vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability. Google Nest Cam IQ Indoor is an indoor camera from Google. The Weave daemon in Google Nest Cam IQ Indoor 4620002 has a resource management error vulnerability that stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. An attacker can exploit it to cause a denial of service
VAR-201908-0085 CVE-2019-5039 Openweave-core Buffer error vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a weave certificate to trigger this vulnerability. Openweave-core contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS)
VAR-201908-0084 CVE-2019-5038 OpenWeave Openweave-core Buffer error vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted Weave command. OpenWeave Openweave-core contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS)
VAR-201911-1050 CVE-2019-1981 Authentication vulnerabilities in multiple Cisco products CVSS V2: 5.0
CVSS V3: 5.8
Severity: MEDIUM
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked. Cisco Firepower Management Center (FMC) and others are products of Cisco (Cisco)
VAR-201911-1052 CVE-2019-1978 Authentication vulnerabilities in multiple Cisco products CVSS V2: 5.0
CVSS V3: 5.8
Severity: MEDIUM
A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Cisco Firepower Management Center (FMC) and others are products of Cisco (Cisco)
VAR-201911-1051 CVE-2019-1982 Inappropriate default permission vulnerability in multiple Cisco products CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked. Cisco Firepower Management Center (FMC) and others are products of Cisco (Cisco)
VAR-201911-1053 CVE-2019-1980 Authentication vulnerabilities in multiple Cisco products CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this vulnerability by sending traffic on a nonstandard port for the protocol in use through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked. Once the initial protocol flow on the nonstandard port is detected, future flows on the nonstandard port will be successfully detected and handled as configured by the applied policy. Cisco Firepower Management Center (FMC) and others are products of Cisco (Cisco)
VAR-201908-0869 CVE-2019-13520 Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. Alpha5 Smart Loader contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PLD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of an administrator
VAR-201908-1939 CVE-2019-11140 Multiple vulnerabilities in Intel products CVSS V2: 4.6
CVSS V3: 6.7
Severity: MEDIUM
Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Intel NUC Kit NUC7i7DNx, etc. are all products of Intel Corporation of the United States. Intel NUC Kit NUC7i7DNx is a small computer host device. NUC Kit NUC7i5DNx is a small computer host device. Compute Stick STK2MV64CC is an external computing module. An input validation error vulnerability exists in the system firmware of several Intel products due to the program's insufficient session validation. A local attacker could exploit this vulnerability to elevate privileges, cause a denial of service and/or disclose information. The following products and versions are affected: Intel NUC Kit NUC7i7DNx; NUC Kit NUC7i5DNx; NUC Kit NUC7i3DNx; Compute Stick STK2MV64CC; Compute Card CD1IV128MK
VAR-201908-0067 CVE-2019-3417 ZTE ZXHN F670 Command Injection Vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
All versions up to V1.1.10P3T18 of the ZTE ZXHN F670 product are impacted by a command injection vulnerability. Due to an insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of the user's router system. ZTE ZXHN F670 contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). ZTE ZXHN F670 is a modem from China ZTE Corporation (ZTE). An attacker could exploit the vulnerability to execute an illegal command. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing executable commands from external input data
VAR-201908-0068 CVE-2019-3418 ZTE ZXHN F670 Cross-Site Scripting Vulnerability CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts. ZTE ZXHN F670 is a modem from China ZTE Corporation (ZTE). The vulnerability stems from the lack of correct validation of client data in WEB applications
VAR-201908-2052 No CVE Advantech WebAccess has remote code execution vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Advantech WebAccess / SCADA is a set of SCADA software based on browser architecture by Advantech of Taiwan, China. Advantech WebAccess has a remote code execution vulnerability. An attacker could use the vulnerability to obtain server information and permissions
VAR-201908-2051 No CVE Advantech WebAccess has arbitrary file deletion vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Advantech WebAccess / SCADA is a set of SCADA software based on browser architecture by Advantech of Taiwan, China. Advantech WebAccess has an arbitrary file deletion vulnerability. Attackers can use the vulnerability to delete arbitrary files
VAR-201908-2053 No CVE Siemens SIMATIC S7-300 PLC Permission Permission Vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
The Siemens SIMATIC S7-300 CPU is a modular universal controller for the manufacturing industry from Siemens. The Siemens SIMATIC S7-300 PLC module has a vulnerability that allows authorization to be bypassed to attack CPU execution. An attacker can construct a special application-layer data message that causes arbitrary start and stop control of the PLC