VARIoT IoT vulnerabilities database
| VAR-201908-0569 | CVE-2019-13406 | AndroVideo Advan VD-1 Access Control Error Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication. AndroVideo Advan VD-1 is a security camera from Taiwan's AndroVideo. AndroVideo Advan VD-1 is a security camera produced by AndroVideo Company in Taiwan, China
| VAR-201908-1622 | CVE-2019-10059 | Lexmark Vulnerabilities related to security functions in devices |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices. Lexmark The device contains vulnerabilities related to security functions.Information may be obtained. Lexmark CS31x and others are all printers from Lexmark. This vulnerability is due to the lack of security measures such as authentication, access control, and rights management in network systems or products. The following products and versions are affected: Lexmark CS31x using LW71.VYL.P233 and earlier; CS41x using LW71.VY2.P233 and earlier; CS51x using LW71.VY4.P233 and earlier; using LW71.GM2.P233 and earlier version of the CX310, etc
| VAR-201908-0064 | CVE-2019-9931 | plural Lexmark Vulnerability related to input validation in printers |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. plural Lexmark The printer contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state
| VAR-201908-0063 | CVE-2019-9930 | plural Lexmark Product integer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Various Lexmark products have an Integer Overflow. plural Lexmark The product contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
| VAR-201908-0845 | CVE-2019-1963 | Cisco FXOS Software and Cisco NX-OS Software input validation vulnerability |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Cisco FXOS Software and Cisco NX-OS The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Firepower 4100 Series, etc. are all products of Cisco (Cisco). Cisco Firepower 4100 Series is a 4100 series firewall device. Cisco Nexus 3000 Series Switches is a 3000 series switch. Cisco MDS 9000 Series Multilayer Switches is a MDS 9000 series multilayer switch. The following products and versions are affected: Cisco Firepower 4100 Series; Firepower 9300 Security Appliances; MDS 9000 Series Multilayer Switches; Nexus 1000 Virtual Edge for VMware vSphere; Nexus 1000V Switch for Microsoft Hyper-V; Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 5500 Platform Switches; Nexus 5600 Platform Switches; Nexus 6000 Series Switches; Nexus 7000
| VAR-201908-0847 | CVE-2019-1965 | Cisco NX-OS Software depletion vulnerability |
CVSS V2: 4.0 CVSS V3: 7.7 Severity: HIGH |
A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that overtime can deplete system memory. When there is no system memory available, this can cause unexpected system behaviors and crashes. The vulnerability is due to the VSH process not being properly deleted when a remote management connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly performing a remote management connection to the device and terminating the connection in an unexpected manner. A successful exploit could allow the attacker to cause the VSH processes to fail to delete, which can lead to a system-wide denial of service (DoS) condition. The attacker must have valid user credentials to log in to the device using the remote management connection. Cisco NX-OS The software is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Nexus 3000 Series Switches and others are products of Cisco. The Cisco Nexus 3000 Series Switches is a 3000 Series switch. The Cisco Nexus 3500 Platform Switches is a 3500 Series platform switch. The Cisco MDS 9000 Series Multilayer Switches are an MDS 9000 Series multilayer switch. Cisco NX-OS Software is a data center-level operating system software used by a switch
| VAR-201908-0844 | CVE-2019-1962 | Cisco NX-OS Software Cisco Fabric Services Component Input Validation Error Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a malicious Cisco Fabric Services TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition. Note: There are three distribution methods that can be configured for Cisco Fabric Services. This vulnerability affects only distribution method CFSoIP, which is disabled by default. See the Details section for more information. Cisco NX-OS The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Nexus 3000 Series Switches and others are products of Cisco. The Cisco Nexus 3000 Series Switches is a 3000 Series switch. The Cisco Nexus 3500 Platform Switches is a 3500 Series platform switch. The Cisco MDS 9000 Series Multilayer Switches are an MDS 9000 Series multilayer switch. Cisco NX-OS Software is a data center-level operating system software used by a switch
| VAR-201908-0267 | CVE-2019-12643 | Cisco IOS XE Software authentication vulnerabilities |
CVSS V2: 10.0 CVSS V3: 10.0 Severity: CRITICAL |
A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. The vulnerability is due to an improper check performed by the area of code that manages the REST API authentication service. An attacker could exploit this vulnerability by submitting malicious HTTP requests to the targeted device. A successful exploit could allow the attacker to obtain the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device. The REST API interface is not enabled by default and must be installed and activated separately on IOS XE devices. See the Details section for more information. The following products and versions are affected: Cisco 4000 Series Integrated Services Routers; ASR 1000 Series Aggregation Services Routers; Cloud Services Router 1000V Series; Integrated Services Virtual Router
| VAR-201908-0846 | CVE-2019-1964 | Cisco Nexus 7000 Series Switches and Nexus 7700 Series Switches NX-OS Software Input Validation Error Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation of IPv6 traffic sent through an affected device. An attacker could exploit this vulnerability by sending a malformed IPv6 packet through an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition while the netstack process restarts. A sustained attack could lead to a reboot of the device. Cisco NX-OS The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco Nexus 7000 Series Switches and Cisco Nexus 7700 Series Switches are products of Cisco. The Cisco Nexus 7000 Series Switches is a 7000 Series switch. The Cisco Nexus 7700 Series Switches is a 7700 Series switch. Cisco NX-OS Software is a data center-level operating system software used by a switch
| VAR-201908-0058 | CVE-2019-9934 | plural Lexmark Access control vulnerabilities in products |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
Various Lexmark products have Incorrect Access Control (issue 1 of 2). Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: CS31x with firmware LW71.VYL.P229 and earlier; CS41x with firmware LW71.VY2.P229 and earlier; CX310 with firmware LW71.GM2.P229 and earlier; MS310 with .P229 and earlier firmware; MS312 with LW71.GM2.P229 and earlier firmware; MS317 with LW71.GM2.P229 and earlier firmware; MS410 with LW71.PRL.P229 and earlier firmware; M1140 with firmware version .PRL.P229 and earlier; MS315 with firmware version LW71.TL2.P229 and earlier; MS415 with firmware version LW71.TL2.P229 and earlier; MS417 with firmware version LW71.TL2.P229 and earlier; MX31x with firmware LW71.SB2.P229 and earlier; XM1135 with firmware LW71.SB2.P229 and earlier; MS51x with firmware LW71.PR2.P229 and earlier; firmware with LW71.PR2.P229 and earlier MS610dn; MS617 using LW71.PR2.P229 and earlier firmware; M1145 using LW71.PR2.P229 and earlier firmware; M3150dn using LW71.PR2.P229 and earlier firmware; using LW71.DN2.P229 and earlier MS71x with firmware LW71.DN2.P229 and earlier; M5163dn with firmware LW71.DN2.P229 and earlier; MS810 with firmware LW71.DN2.P229 and earlier; MS811 with firmware LW71.DN2.P229 and earlier; MS812 with previous version firmware; MS817 with LW71.DN2.P229 and previous version firmware; MS818 with LW71.DN2.P229 and previous version firmware
| VAR-201908-0059 | CVE-2019-9935 | plural Lexmark Access control vulnerabilities in products |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
Various Lexmark products have Incorrect Access Control (issue 2 of 2). Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: CS31x with firmware LW71.VYL.P229 and earlier; CS41x with firmware LW71.VY2.P229 and earlier; CX310 with firmware LW71.GM2.P229 and earlier; MS310 with .P229 and earlier firmware; MS312 with LW71.GM2.P229 and earlier firmware; MS317 with LW71.GM2.P229 and earlier firmware; MS410 with LW71.PRL.P229 and earlier firmware; M1140 with firmware version .PRL.P229 and earlier; MS315 with firmware version LW71.TL2.P229 and earlier; MS415 with firmware version LW71.TL2.P229 and earlier; MS417 with firmware version LW71.TL2.P229 and earlier; MX31x with firmware LW71.SB2.P229 and earlier; XM1135 with firmware LW71.SB2.P229 and earlier; MS51x with firmware LW71.PR2.P229 and earlier; firmware with LW71.PR2.P229 and earlier MS610dn; MS617 using LW71.PR2.P229 and earlier firmware; M1145 using LW71.PR2.P229 and earlier firmware; M3150dn using LW71.PR2.P229 and earlier firmware; using LW71.DN2.P229 and earlier MS71x with firmware LW71.DN2.P229 and earlier; M5163dn with firmware LW71.DN2.P229 and earlier; MS810 with firmware LW71.DN2.P229 and earlier; MS811 with firmware LW71.DN2.P229 and earlier; MS812 with previous version firmware; MS817 with LW71.DN2.P229 and previous version firmware; MS818 with LW71.DN2.P229 and previous version firmware
| VAR-201908-0066 | CVE-2019-9933 | plural Lexmark Buffer error vulnerability in product |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Various Lexmark products have a Buffer Overflow (issue 3 of 3). plural Lexmark The product contains a buffer error vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Lexmark CS31x with firmware LW71.VYL.P230 and earlier; CS41x with firmware LW71.VY2.P230 and earlier; CS51x with firmware LW71.VY4.P230 and earlier; GM2.P230 and previous versions of CX310, etc
| VAR-201908-1621 | CVE-2019-10058 | plural Lexmark Access control vulnerabilities in products |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
Various Lexmark products have Incorrect Access Control. Lexmark CS31x and others are all printers from Lexmark. An attacker could exploit this vulnerability by conducting a brute force attack to obtain local account credentials. The following products and versions are affected: CS31x with firmware LW71.VYL.P229 and earlier; CS41x with firmware LW71.VY2.P229 and earlier; CS51x with firmware LW71.VY4.P229 and earlier; .CX310 with firmware of P229 and earlier versions, etc
| VAR-201908-1825 | CVE-2019-11063 | ASUS SmartHome Access Control Error Vulnerability |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). SmartHome The application contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUS SmartHome is a smart home control management application from ASUS in Taiwan
| VAR-201909-0094 | CVE-2019-3754 | plural Dell EMC Product cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser. Dell EMC Unity, etc. are the products of the United States Dell (Dell). EMC UnityVSA is a set of virtual EMC Unity storage environments. EMC VNXe3200 is a 2U dual-controller unified storage product. The vulnerability stems from the lack of proper validation of client data by web applications. An attacker could use this vulnerability to execute client code
| VAR-201908-0840 | CVE-2019-1969 | Cisco NX-OS Vulnerability related to authorization, authority, and access control in software |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name. Cisco NX-OS The software contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Cisco NX-OS Software is a data center-level operating system software used by a set of switches of Cisco. The following products and versions are affected: Cisco Nexus 3000 Series Switches; Nexus 3500 Platform Switches; Nexus 3600 Platform Switches; Nexus 9000 Series Switches (standalone NX-OS mode); Nexus 9500 R-Series Switching Platform
| VAR-201908-1590 | CVE-2018-18371 | ASG and ProxySG Vulnerable to information disclosure |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP server from the ASG/ProxySG's web listing of the FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2. ASG and ProxySG Contains an information disclosure vulnerability.Information may be obtained. Both Symantec Advanced Secure Gateway and Symantec ProxySG are security gateway devices of Symantec Corporation of the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components
| VAR-201908-1589 | CVE-2018-18370 | ASG and ProxySG Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2. ASG and ProxySG Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Both Symantec Advanced Secure Gateway and Symantec ProxySG are security gateway devices of Symantec Corporation of the United States. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
| VAR-201908-1620 | CVE-2019-10057 | plural Lexmark Product cross-site request forgery vulnerability |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
Various Lexmark products have CSRF. plural Lexmark The product contains a cross-site request forgery vulnerability.Information may be tampered with. Lexmark CS31x and others are all printers from Lexmark. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client. The following products and versions are affected: Lexmark CS31x; CS41x; CX310; MS310; MS312; MS317; MS410; M1140; MS315; MS415; MS417; MS811; MS812; MS817; MS818
| VAR-201908-1826 | CVE-2019-11064 | Advan VD-1 Firmware vulnerabilities related to certificate and password management |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication. AndroVideo Advan VD-1 is a security camera from Taiwan's AndroVideo.
AndroVideo Advan VD-1 has a trust management issue vulnerability. AndroVideo Advan VD-1 is a security camera produced by AndroVideo Company in Taiwan, China. to attack affected components