VARIoT IoT vulnerabilities database
| VAR-201909-1557 | No CVE | ABB Pluto Manager has dll hijacking vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
The ABB Group is a global leader in power and automation technology, dedicated to providing solutions to customers in the industrial and power industries.
ABB Pluto Manager has a dll hijacking vulnerability. Attackers can use the vulnerability to load malicious dlls and execute malicious code
| VAR-201909-0587 | CVE-2019-16190 | plural D-Link Authentication vulnerabilities in product devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to folder_view.php or category_view.php. D-Link DIR-868L REVB , DIR-885L REVA , DIR-895L REVA Devices have authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-868L REVB and so on are all wireless routers from Taiwan D-Link.
There are security vulnerabilities in SharePort Web Access in D-Link DIR-868L REVB 2.03 and earlier, DIR-885L REVA 1.20 and earlier, and DIR-895L REVA 1.21 and earlier. An attacker could use this vulnerability to bypass authentication
| VAR-201909-0106 | CVE-2019-5054 | NETGEAR N300 HTTP On the server NULL Pointer dereference vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability. NETGEAR N300 is a wireless router of NETGEAR
| VAR-201909-0608 | CVE-2019-16099 | Silver Peak EdgeConnect SD-WAN Vulnerable to cross-site request forgery |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. Silver Peak EdgeConnect SD-WAN Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
| VAR-201909-0610 | CVE-2019-16101 | Silver Peak EdgeConnect SD-WAN Vulnerable to information disclosure |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. Silver Peak EdgeConnect SD-WAN Contains an information disclosure vulnerability.Information may be obtained. The platform mainly provides functions such as path conditioning, application classification, routing and virtual WAN overlay
| VAR-201909-0532 | CVE-2019-16105 | Silver Peak EdgeConnect SD-WAN Path traversal vulnerability |
CVSS V2: 4.0 CVSS V3: 4.9 Severity: MEDIUM |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. The platform mainly provides functions such as path conditioning, application classification, routing and virtual WAN overlay. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories
| VAR-201909-0613 | CVE-2019-16104 | Silver Peak EdgeConnect SD-WAN Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Silver Peak EdgeConnect SD-WAN Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. The platform mainly provides functions such as path conditioning, application classification, routing and virtual WAN overlay. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
| VAR-201909-0612 | CVE-2019-16103 | Silver Peak EdgeConnect SD-WAN Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. Silver Peak EdgeConnect SD-WAN Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Silver Peak Systems EdgeConnect SD-WAN is a software-defined generalized network platform from Silver Peak Systems in the United States. The platform mainly provides functions such as path conditioning, application classification, routing and virtual WAN overlay. A security vulnerability exists in Silver Peak Systems EdgeConnect SD-WAN prior to 8.1.7.x. An attacker could exploit this vulnerability to elevate privileges
| VAR-201909-0611 | CVE-2019-16102 | Silver Peak EdgeConnect SD-WAN Input validation vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Silver Peak EdgeConnect SD-WAN Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The platform mainly provides functions such as path conditioning, application classification, routing and virtual WAN overlay. The vulnerability stems from the failure of the network system or product to properly validate the input data
| VAR-201909-0609 | CVE-2019-16100 | Silver Peak EdgeConnect SD-WAN Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. Silver Peak EdgeConnect SD-WAN Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state
| VAR-201909-1664 | No CVE | Information disclosure vulnerability in Ruijie's unified online behavior management and auditing system |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a company that provides end-to-end solutions for users in various industries using new technologies such as cloud computing, SDN, mobile internet, big data, and the Internet of Things.
An information disclosure vulnerability exists in Ruijie's unified online behavior management and auditing system. Attackers can use this vulnerability to obtain sensitive information.
| VAR-201909-1437 | CVE-2019-10891 | D-link DIR-806 Device code injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header. D-link DIR-806 The device contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-806 is a wireless router from Taiwan D-Link.
A code injection vulnerability exists in D-Link DIR-806
| VAR-201909-1438 | CVE-2019-10892 | D-link DIR-806 Device buffer error vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a stack-based buffer overflow via a special HTTP header. D-link DIR-806 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Dlink DIR-806 is a wireless AC1200 dual-band router. An attacker could exploit this vulnerability to run Shellcode via a long HTTP header that starts with "SOAPAction: http://purenetworks.com/HNAP1/GetDeviceSettings/"
| VAR-201909-1556 | No CVE | ABB Panel Builder 600 has dll hijacking vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
The ABB Group is a global leader in power and automation technology, dedicated to providing solutions to customers in the industrial and power industries.
ABB Panel Builder 600 has a dll hijacking vulnerability. Attackers can use the vulnerability to load malicious dlls and execute malicious code
| VAR-201909-1498 | CVE-2019-12223 | Hanwah Techwin SRN-472s and SRN-x Device buffer error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The username triggers a buffer overflow in the main process controlling operation of the DVR system, rendering services unavailable during the reboot operation. A repeated attack affects availability as long as the attacker has network access to the device. Hanwah Techwin SRN-472s and SRN-x The device contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Hanwah Techwin SRN-472s is a network video recorder produced by Hanwah Techwin in Korea. NVR WebViewer is a set of web-based surveillance video management system running in it. The NVR WebViewer in Hanwah Techwin SRN-472s version 1.07_190502 and other SRN series products (before 2019-05-03) has a buffer error vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc
| VAR-201909-0680 | CVE-2019-13361 | Smanos W100 Device permission vulnerability |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network. Smanos W100 The device contains a permission vulnerability.Information may be tampered with. Smanos W100 is a home security alarm device produced by Smanos company in the Netherlands. A security vulnerability exists in Smanos W100 version 1.0.0. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
| VAR-201909-1544 | No CVE | Denial of service vulnerability exists in Siemens SIMATIC S7-300 PLC |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Siemens SIMATIC S7-300 is a modular universal controller of Siemens (Siemens) for the manufacturing industry.
A denial of service vulnerability exists in Siemens SIMATIC S7-300 PLC. The attacker can cause the HTTP service to refuse to respond by constructing special data packets
| VAR-201909-1542 | No CVE | Buffer Overflow Vulnerability in Zijinqiao Monitoring Configuration Software RealInfo |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
RealInfo is an industrial automation monitoring configuration software developed by PetroChina Daqing Zijinqiao Software Technology Company.
There is a buffer overflow vulnerability in the real-time configuration software of Zijinqiao RealInfo. An attacker can trigger a vulnerability through a special string, causing the program to crash
| VAR-201909-1016 | CVE-2019-14278 | Knowage Vulnerable to information disclosure |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
In Knowage through 6.1.1, an unauthenticated user can enumerated valid usernames via the ChangePwdServlet page. Knowage Contains an information disclosure vulnerability.Information may be obtained
| VAR-201909-0689 | CVE-2019-13188 | Knowage Vulnerabilities in access control |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application. Knowage Contains an access control vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state