VARIoT IoT vulnerabilities database
| VAR-201905-0920 | CVE-2019-11894 | Bosch Smart Home Controller Access control vulnerability |
CVSS V2: 2.9 CVSS V3: 5.7 Severity: MEDIUM |
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed
| VAR-201905-0919 | CVE-2019-11893 | Bosch Smart Home Controller Permissions vulnerability |
CVSS V2: 4.9 CVSS V3: 8.0 Severity: HIGH |
A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app with restricted permissions, which required user interaction
| VAR-201905-0918 | CVE-2019-11892 | Bosch Smart Home Controller Access control vulnerability |
CVSS V2: 6.8 CVSS V3: 8.0 Severity: HIGH |
A potential improper access control vulnerability exists in the JSON-RPC interface of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in reading or modification of the SHC's configuration or triggering and restoring backups. In order to exploit the vulnerability, the adversary needs to have successfully paired an app or service, which requires user interaction
| VAR-201905-0917 | CVE-2019-11891 | Bosch Smart Home Controller Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 5.4 CVSS V3: 8.0 Severity: HIGH |
A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary's choosing. In order to exploit the vulnerability, the adversary needs physical access to the SHC during the attack
| VAR-201905-1059 | CVE-2019-10967 | Emerson Ovation OCR400 Controller Buffer error vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote code execution and escalation of privileges. Emerson Ovation OCR400 Controller contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Emerson Ovation OCR400 Controller is prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Emerson Electric Ovation OCR400 Controller is a logic controller from Emerson Electric. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations.
| VAR-201905-1058 | CVE-2019-10965 | Emerson Ovation OCR400 Controller Buffer error vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges. Emerson Ovation OCR400 Controller contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Emerson Ovation OCR400 Controller is prone to stack-based buffer overflow and heap-based buffer overflow vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Emerson Electric Ovation OCR400 Controller is a logic controller from Emerson Electric. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations.
| VAR-201905-1113 | CVE-2018-20008 | iBall Baton Vulnerabilities related to certificate and password management in devices |
CVSS V2: 2.1 CVSS V3: 6.8 Severity: MEDIUM |
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console. The iBall Baton device contains vulnerabilities related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). iBall Baton iB-WRB302N is a wireless router from iBall India. A trust management issue vulnerability exists in the iBall Baton iB-WRB302N20122017 release. The vulnerability stems from the lack of an effective trust management mechanism in network systems or products. An attacker can attack an affected component with a default password or hard-coded password, hard-coded certificate, and so on.
| VAR-201905-1329 | No CVE | Hexin MagicWorks HMI wintab32 has dll hijacking vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
Shenzhen Hexin Automation Technology Co., Ltd. is a company mainly engaged in PLC, HMI, servo, dedicated control system, remote I / O and field network products.
Hexin MagicWorks HMI wintab32 has a dll hijacking vulnerability, which can be used by an attacker to execute malicious code
| VAR-201905-1328 | No CVE | A memory corruption vulnerability exists in the HTodEditor htd project file |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Shenzhen Huichuan Technology Co., Ltd. is a company mainly engaged in the research and development, production and sales of industrial automation control products, positioning services for mid-to-high-end equipment manufacturers.
There is a memory corruption vulnerability in the HTCododor.htd project file, which can be used by an attacker to execute malicious code
| VAR-201905-1331 | No CVE | LSIS KGL_WIN local has dll hijacking vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
LS Power Generation is a company mainly engaged in programmable controllers, frequency converters, DC motor speed controllers, uninterruptible power supplies, high-voltage electrical appliances, low-voltage electrical appliances, and power electronic equipment.
LSIS KGL_WIN local has a dll hijacking vulnerability that can be used by an attacker to execute malicious code
| VAR-201905-1326 | No CVE | Nanda's NATouch skm project file has a memory corruption vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Nandao Technology Jiangsu Co., Ltd. is a company mainly engaged in the research and development, production, sales and maintenance of industrial automation products, and the development and integration of automation control systems.
There is a memory corruption vulnerability in the NATouch skm project file of NTU, and an attacker can use this vulnerability to execute malicious code
| VAR-201905-1347 | No CVE | delta ScreenEditor dop Project file has stack overflow vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Delta Electronics Group is a company that provides total solutions for power management, video displays, industrial automation, automotive electronics, network communications products and renewable energy related products.
There is a stack overflow vulnerability in the delta ScreenEditor dop project file, which can be used by an attacker to execute malicious code
| VAR-201905-0617 | CVE-2019-2248 | plural Snapdragon Product buffer error vulnerability |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
A buffer overflow can occur if an invalid header tries to overwrite the existing buffer, which has a fixed-size allocation, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 820, SD 820A, SD 845 / SD 850, SDM439, SDM660, SDX20. Multiple Snapdragon products contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Qualcomm MDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9650 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in several Qualcomm products that could allow an attacker to cause a buffer overflow or heap overflow. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9650; MSM8909W; MSM8996AU; Qualcomm 215; SD 210; SD 212; SD 205; SD 450; SD 615/16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 820; SD 820A; SD 845; SD 850; SDM439;
| VAR-201905-0616 | CVE-2019-2247 | plural Snapdragon Double release vulnerability in products |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
A double free issue is possible while running multiple instances of the smp2p test because proper protection is missing while using a global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. Multiple Snapdragon products contain a double free vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Qualcomm MDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The MDM9607 is a central processing unit (CPU) product. The MDM9640 is a central processing unit (CPU) product. A resource management error vulnerability exists in several Qualcomm products. The vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Qualcomm MDM9150; MDM9206; MDM9607; MDM9640; MDM9650; MSM8909W; MSM8996AU; QCS605; /16; SD 415; SD 625; SD 632; SD 636; SD 650/52; SD 712; SD 710; SD 670; SD 820A; SD 835; SD 845; SD 850; SD 855; SDM660; SDX20; SDX24
| VAR-201905-0835 | CVE-2018-19612 | Westermo DR-250 and DR-260 Router unrestricted upload vulnerability type vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. Westermo DR-250 and DR-260 routers contain a vulnerability related to unrestricted upload of dangerous file types. Information may be obtained or altered, and service operation may be disrupted (DoS). Westermo DR-260 and others are products of Westermo, Sweden. The Westermo DR-260 is a DSL router. The Westermo DR-250 is a DSL router. The Westermo MR-260 is a 3G multimedia router. A security vulnerability exists in the /uploadfile? function in the Westermo DR-260, DR-250, and MR-260.
| VAR-201905-0836 | CVE-2018-19613 | Westermo DR-250 and DR-260 Router cross-site request forgery vulnerability |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. Westermo DR-250 and DR-260 routers contain a cross-site request forgery vulnerability. Information may be tampered with. Westermo DR-260 and others are products of Westermo, Sweden. The Westermo DR-260 is a DSL router. The Westermo DR-250 is a DSL router. The Westermo MR-260 is a 3G multimedia router. The vulnerability stems from the web application not adequately verifying that the request is from a trusted user.
| VAR-201905-0500 | CVE-2019-12315 | Samsung SCX-824 Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. The Samsung SCX-824 printer contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Samsung SCX-824 is a multi-function printer from South Korea's Samsung. A cross-site scripting vulnerability exists in Samsung SCX-824. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code.
| VAR-201905-1431 | No CVE | Sony LF-S80D wireless speaker has a binary vulnerability |
CVSS V2: 3.3 CVSS V3: - Severity: LOW |
Sony LF-S80D wireless speaker is a smart speaker product produced by Sony Corporation.
The Sony LF-S80D wireless speaker has binary vulnerabilities. An attacker can decrypt the entire network communication traffic and completely control the entire device.
| VAR-201905-0625 | CVE-2016-10754 | Vtiger CRM In SQL Injection vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter. Vtiger CRM contains an SQL injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Vtiger CRM is a customer relationship management system (CRM) based on SugarCRM developed by American Vtiger Company. The management system provides functions such as management, collection, and analysis of customer information. The vulnerability stems from the lack of verification of externally input SQL statements in database-based applications. Attackers can exploit this vulnerability to execute illegal SQL commands.
| VAR-201906-0816 | CVE-2018-13380 | Fortinet FortiOS Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows an attacker to execute unauthorized malicious script code via the error or message handling parameters. Fortinet FortiOS contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Fortinet FortiOS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and prior versions are vulnerable.