VARIoT IoT vulnerabilities database

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. Westermo DR-250 and DR-260 The router contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. A security vulnerability exists in the /uploadfile? function in the Westermo DR-260, DR-250, and MR-260

Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. Westermo DR-250 and DR-260 The router contains a cross-site request forgery vulnerability.Information may be tampered with. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. Westermo DR-260 etc. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user

Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. Samsung SCX-824 The printer contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. SamsungSCX-824 is a multi-function printer from South Korea's Samsung. A cross-site scripting vulnerability exists in SamsungSCX-824. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code

Sony LF-S80D wireless speaker is a smart speaker product produced by Sony Corporation. The Sony LF-S80D wireless speaker has binary vulnerabilities. An attacker can decrypt the entire network communication traffic and completely control the entire device.

modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter. Vtiger CRM Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Vtiger CRM is a customer relationship management system (CRM) based on SugarCRM developed by American Vtiger Company. The management system provides functions such as management, collection, and analysis of customer information. The vulnerability stems from the lack of verification of externally input SQL statements in database-based applications. Attackers can exploit this vulnerability to execute illegal SQL commands

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and prior versions are vulnerable

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests. Fortinet FortiOS Exists in an authorization vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Fortinet FortiOS 5.4.1 through 5.4.10, 5.6.0 to 5.6.8, and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. Fortinet FortiOS Contains a path traversal vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information. Fortinet FortiOS 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A path traversal vulnerability exists in the SSL VPN web portal in Fortinet FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "err" parameter of the error process HTTP requests. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 6.0.0 through 6.0.4 are vulnerable

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 5.2.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. The SSL VPN web portal in Fortinet FortiOS versions 5.2.0 to 5.6.10 and 6.0.0 to 6.0.4 has a cross-site scripting vulnerability. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code

Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address). A security vulnerability exists in the Anviz M3 RFID. An attacker could exploit this vulnerability to bypass access controls and disclose or modify private information

An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V (C38S) KR203.18.1.20 devices. The web service, network, and account files can be manipulated through a web UI firmware update without any authentication. The attacker can achieve access to the device through a manipulated web UI firmware update. Vstarcam 100T (C7824WIP) and 200V (C38S) The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both VStarcam 100T and VStarcam 200V are IP cameras produced by VStarcam in China. VStarcam 100T (C7824WIP) with KR75.8.53.20 firmware and 200V (C38S) with KR203.18.1.20 firmware have a security vulnerability in the upgrade_htmls.cgi file

XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. Westermo DR-250 and DR-260 The router contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WestermoDR-260 and others are products of Westermo, Sweden. The WestermoDR-260 is a DSL router. The WestermoDR-250 is a DSL router. The WestermoMR-260 is a 3G multimedia router. A cross-site scripting vulnerability exists in the \342\200\230/cmdexec/cmdexe?cmd=\342\200\231 command console in the WestermoDR-260Router, WestermoDR-250Router, and WestermoMR-260Router (all firmware versions). The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code. Westermo DR-260 etc

An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. Motorola CX2 and M2 The router contains a format string vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Motorola M2 and Motorola CX2 are products of Motorola, USA. The Motorola CX2 is a wireless router. A format string error vulnerability exists in scopd in MotorolaCX 21.01 and Motorola M21.01. This vulnerability stems from the lax filtering of parameter types and quantities when network systems or products receive external formatted strings as parameters

An issue was discovered in Quest KACE Systems Management Appliance before 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processed by the web application. Since the application does not properly validate and sanitize this parameter, it is possible to place arbitrary script code into the context of the same page. QuestSoftwareKACESystemsManagementAppliance is a system management device from QuestSoftware, USA. The product supports IT asset management, server management and monitoring, software license management and patch management. A cross-site scripting vulnerability exists in QuestSoftwareKACESystemsManagementAppliance 9.0 and earlier that could allow an attacker to execute client-side code

asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote). asterisk Is NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. DigiumAsterisk is a set of open source telephone exchange (PBX) system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response (IVR) and more. A security vulnerability exists in DigiumAsterisk version 13.10.0

There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID: HWPSIRT-2019-02004). Leland-AL00A Huawei Smartphones contain a vulnerability related to input confirmation. Vendors have confirmed this vulnerability HWPSIRT-2019-02004 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiLeland-AL00A is a smartphone from China's Huawei company. RTSPmodule is one of the RTSP (Real Time Streaming Protocol) modules

Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might also be susceptible. Code can be executed because the "name" parameter passed to the cgi_unzip command is not sanitized. plural Western Digital My Cloud The product contains a link interpretation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Western Digital MyCloud Mirror Gen 2 and others are products of Western Digital Corporation. WesternDigitalMyCloudMirrorGen2 is a personal cloud storage device. WesternDigitalMyCloudEX2Ultra is a personal cloud storage device. The Western Digital MyCloud EX2100 is a personal storage device. A security vulnerability exists in several WesternDigital products that originated from the failure of the program to filter the \342\200\230name\342\200\231 parameter passed to the cgi_unzip command. An attacker could exploit the vulnerability to execute code

An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119~123 and 200V (C38S) CH-sys-48.53.203.119~123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the files within the internal firmware or even steal account information by executing a command. Vstarcam 100T (C7824WIP) and 200V (C38S) The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both VStarcam 100T and VStarcam 200V are IP cameras produced by VStarcam in China. There is a security vulnerability in the upgrade_firmware.cgi file in VStarcam 100T (C7824WIP) and 200V (C38S). The following firmware versions are affected: CH-sys-version 48.53.75.119, CH-sys-version 48.53.75.120, CH-sys-48.53.75.123 (VSTARCAM-100T (C7824WIP)); CH-sys-48.53.203.119, CH-sys-48.53.203.120 version, CH-sys-48.53.203.123 version (200V (C38S))

Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109). Vendors have confirmed this vulnerability HWPSIRT-2019-03109 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiS12700 is an enterprise-class switch product from China's Huawei company. The vulnerability stems from the program's insufficient verification of specific parameters of Http messages. The following products and versions are affected: Huawei S12700 V200R005C00 Version, V200R006C00 Version, V200R007C00 Version, V200R008C00 Version, V200R010C00 Version, V200R012C00 Version, V200R013C00 Version, V200R011C10 Version; S1700 V200R008C00 Version, V200R009C00 Version, V200R010C00 Version, V200R011C10 Version, V200R012C00 Version, V200R013C00 version; S2300 V200R003C00 version, etc