VARIoT IoT vulnerabilities database
| VAR-202502-2111 | CVE-2025-25745 | Stack-based buffer overflow vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: HIGH |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetQuickVPNSettings module. The affected device may be put into a denial-of-service (DoS) state. The D-Link DIR-853 is a dual-band wireless router that supports the 802.11ac protocol, providing dual-band network connections in 2.4GHz (up to 400Mbps) and 5GHz (up to 867Mbps), making it ideal for HD video streaming and online gaming. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
| VAR-202502-2912 | CVE-2025-25740 | Stack-based buffer overflow vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 6.5 CVSS V3: 5.5 Severity: MEDIUM |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the PSK parameter in the SetQuickVPNSettings module. The affected device may be put into a denial-of-service (DoS) state. The D-Link DIR-853 is a dual-band wireless router that supports the 802.11ac protocol, providing dual-band network connections in 2.4GHz (up to 400Mbps) and 5GHz (up to 867Mbps), making it ideal for HD video streaming and online gaming. An attacker could exploit this vulnerability to cause a denial of service.
| VAR-202502-2078 | No CVE | Beijing Digital China Cloud Technology Co., Ltd. DCWS-6028 has an unauthorized access vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
DCWS-6028 is a new generation of high-performance 10G smart wireless controller, designed for large and medium-sized wireless network environments.
Beijing Digital China Cloud Technology Co., Ltd. DCWS-6028 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-3257 | No CVE | Sharp Corporation MX-3071 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MX-3071 is a digital multifunction printer, mainly used for black and white copying, printing and scanning functions.
Sharp Corporation MX-3071 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202502-0188 | CVE-2025-25067 | OS command injection vulnerability in mySCADA Technologies myPRO |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: Critical |
mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands. An OS command injection vulnerability exists in mySCADA Technologies myPRO. Information may be obtained or tampered with, and service operation may be interrupted (DoS). mySCADA myPRO is a professional HMI/SCADA system from mySCADA, designed for visualization and control of industrial processes.
mySCADA myPRO has an operating system command injection vulnerability that stems from improper input validation.
| VAR-202502-0190 | CVE-2025-24865 | Vulnerability regarding lack of authentication for critical features in mySCADA Technologies myPRO |
CVSS V2: 10.0 CVSS V3: 10.0 Severity: Critical |
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password. mySCADA Technologies myPRO has a vulnerability regarding lack of authentication for critical features. Information may be obtained or tampered with, and service operation may be interrupted (DoS). mySCADA myPRO is a professional HMI/SCADA system from mySCADA, designed for visualization and control of industrial processes.
mySCADA myPRO has an access control error vulnerability that allows access to the management interface without authentication.
| VAR-202502-0191 | CVE-2025-23411 | Cross-site request forgery vulnerability in mySCADA Technologies myPRO |
CVSS V2: 7.5 CVSS V3: 6.3 Severity: Medium |
mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim into visiting an attacker-controlled website. mySCADA myPRO is a professional HMI/SCADA system from mySCADA, designed for visualization and control of industrial processes.
| VAR-202502-0189 | CVE-2025-22896 | Vulnerability in plaintext storage of important information in mySCADA Technologies myPRO |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: Critical |
mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information. mySCADA Technologies myPRO has a vulnerability in plaintext storage of important information. Information may be obtained. mySCADA myPRO is a professional HMI/SCADA system from mySCADA, designed for visualization and control of industrial processes.
mySCADA myPRO has an information leakage vulnerability due to the storage of credentials in plain text.
| VAR-202502-1117 | CVE-2025-25901 | Out-of-bounds write vulnerability in TP-LINK Technologies TL-WR841ND firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. An out-of-bounds write vulnerability exists in TP-LINK Technologies TL-WR841ND firmware. Service operation may be interrupted (DoS).
| VAR-202502-0688 | CVE-2025-25898 | Out-of-bounds write vulnerability in TP-LINK Technologies TL-WR841ND firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. An out-of-bounds write vulnerability exists in TP-LINK Technologies TL-WR841ND firmware. Service operation may be interrupted (DoS).
| VAR-202502-1394 | CVE-2025-25897 | Out-of-bounds write vulnerability in TP-LINK Technologies TL-WR841ND firmware |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. An out-of-bounds write vulnerability exists in TP-LINK Technologies TL-WR841ND firmware. Service operation may be interrupted (DoS).
| VAR-202502-2288 | No CVE | Qi'anxin Netshen Information Technology (Beijing) Co., Ltd. Netshen SecFox operation and maintenance security management and audit system has a command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
SecFox Operation and Maintenance Security Management and Auditing System is a comprehensive operation and maintenance management system that integrates identity authentication, account management, permission control and operation and maintenance auditing.
Qi'anxin SecFox Operation and Maintenance Security Management and Auditing System of SecFox ...
| VAR-202502-2077 | No CVE | Shenzhen Jixiang Tengda Technology Co., Ltd. AC8V4.0 has a binary vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
AC8V4.0 is an AC1200 dual-gigabit wireless router.
Shenzhen Jixiang Tengda Technology Co., Ltd. AC8V4.0 has a binary vulnerability that can be exploited by attackers to cause a denial of service.
| VAR-202502-1254 | CVE-2025-25343 | Classic buffer overflow vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC6 firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. Shenzhen Tenda Technology Co.,Ltd. AC6 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
| VAR-202502-1396 | CVE-2025-25741 | Stack-based buffer overflow vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 5.5 CVSS V3: 5.4 Severity: MEDIUM |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the IPv6_PppoePassword parameter in the SetIPv6PppoeSettings module. D-Link DIR-853 is a router from D-Link, a Chinese company. No detailed vulnerability information is currently available.
| VAR-202502-1395 | CVE-2025-25746 | Out-of-bounds write vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module. An out-of-bounds write vulnerability exists in D-Link Systems, Inc. dir-853 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-853 is a router from D-Link, a Chinese company. No detailed vulnerability information is currently provided.
| VAR-202502-0689 | CVE-2025-25744 | Out-of-bounds write vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetDynamicDNSSettings module. An out-of-bounds write vulnerability exists in D-Link Systems, Inc. dir-853 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-853 is a router from D-Link, a Chinese company. No detailed vulnerability information is currently provided.
| VAR-202502-0304 | CVE-2025-25743 | Command injection vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module. D-Link Systems, Inc. dir-853 firmware contains a command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-853 is a router from D-Link, a Chinese company. No detailed vulnerability information is currently available.
| VAR-202502-0440 | CVE-2025-25742 | Out-of-bounds write vulnerability in D-Link Systems, Inc. dir-853 firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module. An out-of-bounds write vulnerability exists in D-Link Systems, Inc. dir-853 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-853 is a router from D-Link, a Chinese company. No detailed vulnerability information is currently available.
| VAR-202502-2079 | No CVE | The wireless AC controller of Shanghai Boda Data Communication Co., Ltd. has a logical defect vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
Shanghai Boda Data Communication Co., Ltd. is a company that focuses on the research and development, production, sales and service of data network products.
Shanghai Boda Data Communication Co., Ltd.'s wireless AC controller has a logical defect vulnerability that can be exploited by attackers to obtain sensitive information.