VARIoT IoT vulnerabilities database
| VAR-201907-1036 | CVE-2014-10374 | Fitbit Charge 2 Vulnerable to information disclosure |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low Energy (BLE) advertising packets with a TxAdd flag indicating random addresses, but the addresses remain constant. If devices come within BLE range at one or more locations where an adversary has set up passive sniffing, the adversary can determine whether the same device has entered one of these locations. Fitbit Charge 2 contains an information disclosure vulnerability. Information may be obtained. Fitbit activity-tracker is a smart sports watch made by Fitbit Company in the United States. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components.
| VAR-201907-0677 | CVE-2019-13604 | HID Global DigitalPersona U.are.U 4500 Fingerprint Reader Vulnerable to information disclosure |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful exploitation causes a leak of sensitive biometric information.
| VAR-201907-1760 | No CVE | Tpshop v3.5 Or ***. Php page has SQL injection vulnerability (CNVD-2019-17507) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Tpshop is a multi-business model mall system developed by Shenzhen Sobao Network Co., Ltd.
Tpshop v3.5 Or ***. Php page has SQL injection vulnerability. An attacker could use the vulnerability to obtain sensitive database information.
| VAR-201907-1758 | No CVE | Tpshop v3.5 Or ***. Php page has SQL injection vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Tpshop is a multi-business model mall system developed by Shenzhen Sobao Network Co., Ltd.
Tpshop v3.5 Or ***. Php page has SQL injection vulnerability. An attacker could use the vulnerability to obtain sensitive database information.
| VAR-201907-0070 | CVE-2019-6825 | ProClima Vulnerabilities in uncontrolled search path elements |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name as any resident DLL inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. ProClima contains a vulnerability related to uncontrolled search path elements. Information may be obtained or altered, and service operation may be disrupted (DoS). Schneider Electric ProClima is a heat calculation software package from Schneider Electric, France. This software provides thermal management functions for the environment and electrical/electronic equipment installed in the control panel by analyzing specified thermal data. A code issue vulnerability exists in Schneider Electric ProClima versions prior to 8.0.0. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products.
| VAR-201907-0069 | CVE-2019-6824 | ProClima Buffer error vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. ProClima contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Schneider Electric ProClima is a heat calculation software package from Schneider Electric, France. This software provides thermal management functions for the environment and electrical/electronic equipment installed in the control panel by analyzing specified thermal data. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause a buffer overflow, heap overflow, etc.
| VAR-201907-0068 | CVE-2019-6823 | ProClima Code injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0. ProClima contains a code injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Schneider Electric ProClima is a heat calculation software package from Schneider Electric, France. This software provides thermal management functions for the environment and electrical/electronic equipment installed in the control panel by analyzing specified thermal data. This vulnerability stems from the fact that the network system or product does not correctly filter special elements in the process of constructing code segments from external input data. Attackers can exploit this vulnerability to generate illegal code segments and modify the expected execution control flow of network systems or components.
| VAR-201907-0674 | CVE-2019-13598 | Vera Edge Home Controller In OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. Vera Edge Home Controller contains an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Vera Edge Home Controller is a smart home central control unit. There is a security vulnerability in LuaUPnP in Vera Edge Home Controller version 1.7.4452.
| VAR-201907-1271 | CVE-2019-1010009 | DGLogik Inc DGLux Server Permissions vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote Execution, Credential Leaks. The component is: IoT API. The attack vector is: Any Accessible Server. DGLogik Inc DGLux Server contains a permission vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). DGLogik DGLux Server is an enterprise-level web server software from DGLogik, USA. An attacker could use this vulnerability to execute arbitrary commands on the host device.
| VAR-201907-1651 | No CVE | KUNBUS-GW Ethernet / IP Denial of Service Vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
KUNBUS-GW Ethernet / IP is a programmable logic controller (PLC), which provides an integrated ControlNet communication port and two integrated Ethernet interfaces.
KUNBUS-GW Ethernet / IP has a denial of service vulnerability. An attacker can exploit the vulnerability by sending a specially constructed protocol packet to take the device down.
| VAR-201907-1715 | CVE-2019-13491 | Tenda D301 cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Tenda D301 is a wireless router from China Tenda.
There is a cross-site scripting vulnerability in Tenda D301 v2. The vulnerability stems from the lack of proper verification of client data by web applications. Attackers can use this vulnerability to execute client code.
| VAR-201907-1458 | CVE-2019-10982 | Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap. Delta Electronics CNCSoft ScreenEditor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPB files. An attacker can leverage this vulnerability to execute code in the context of an administrator.
1. Multiple heap-based buffer-overflow vulnerabilities
2. Multiple information disclosure vulnerabilities
Failed exploit attempts will likely cause a denial-of-service condition.
| VAR-201907-1460 | CVE-2019-10992 | Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: LOW |
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple out-of-bounds read vulnerabilities may cause information disclosure due to lacking user input validation for processing project files. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPB files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of an administrator.
1. Multiple heap-based buffer-overflow vulnerabilities
2. Multiple information disclosure vulnerabilities
Failed exploit attempts will likely cause a denial-of-service condition.
| VAR-201907-0071 | CVE-2019-6827 | Interactive Graphical SCADA System Vulnerable to out-of-bounds writing |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System (IGSS), Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated. Interactive Graphical SCADA System (IGSS) contains an out-of-bounds write vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within use of the UnitIdx data in the BaseUnits table. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Supervisory Control and Data Acquisition) system from Schneider Electric in France, used to monitor and control industrial processes.
A buffer error vulnerability exists in Schneider Electric IGSS 14 and earlier versions. Attackers can use this vulnerability to cause software crashes with the help of specially crafted project files.
| VAR-201907-0641 | CVE-2019-13562 | D-Link DIR-655 C Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter. The D-Link DIR-655 C device contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-655 C is a wireless router from D-Link Corporation of Taiwan, China. A cross-site scripting vulnerability exists in D-Link DIR-655 C versions before 3.02B05 BETA03. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code.
| VAR-201907-0092 | CVE-2019-3415 | ZTE ZXMW NR8000 Path Traversal Vulnerability |
CVSS V2: 2.7 CVSS V3: 5.7 Severity: MEDIUM |
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by a path traversal vulnerability. Due to path traversal, users can download any files. ZTE ZXMW NR8000 is a relay radio device from China ZTE Corporation (ZTE). The vulnerability stems from a network system or product failing to properly filter specific elements in a resource or file path. An attacker could exploit this vulnerability to access a location outside of a restricted directory.
| VAR-201907-0640 | CVE-2019-13561 | D-Link DIR-655 C Command injection vulnerability in devices |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. The D-Link DIR-655 C device contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DIR-655 C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in D-Link DIR-655 C versions before 3.02B05 BETA03.
| VAR-201907-0206 | CVE-2019-9657 | Alarm.com ADC-V522IR Device access control vulnerability |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a different issue than CVE-2018-19588. This occurs because of incorrect protection of VPN certificates (used for initiating a VPN session to the Alarm.com infrastructure) on the local camera device. This is a different vulnerability from CVE-2018-19588. Information may be obtained or altered, and service operation may be disrupted (DoS). Alarm.com ADC-V522IR 0100b9 is an indoor network camera produced by Alarm.com in the United States. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles.
| VAR-201907-0639 | CVE-2019-13560 | D-Link DIR-655 C Vulnerabilities related to certificate and password management in devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. The D-Link DIR-655 C device contains vulnerabilities related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DIR-655 C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in D-Link DIR-655 C versions before 3.02B05 BETA03. An attacker could use the vulnerability to reset the password to the default null value using the 'setup_wizard' parameter.
| VAR-201907-1166 | CVE-2018-19588 | Alarm.com ADC-V522IR Device access control vulnerability |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control. The Alarm.com ADC-V522IR device contains an access control vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Alarm.com ADC-V522IR 0100b9 is an indoor network camera produced by Alarm.com in the United States. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles.