VARIoT IoT vulnerabilities database


VAR-201811-0565 CVE-2018-7809 Vulnerability related to password management function in multiple Modicon products
CVSS V2: 6.4
CVSS V3: 9.8
Severity: CRITICAL
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server. Multiple Modicon products contain a vulnerability related to the password management function. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Schneider Electric Modicon M340 and others are programmable logic controller products of Schneider Electric (France). Unknown vulnerabilities exist in multiple Schneider Electric products. An attacker could use this vulnerability to delete or reset an existing username and password.
VAR-201811-0568 CVE-2018-7830 HTTP response splitting vulnerability in multiple Modicon products
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a denial of service can occur for ~1 minute by sending a specially crafted HTTP request. Multiple Modicon products contain an HTTP response splitting vulnerability. Service operation may be disrupted (DoS). Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric of France.
VAR-201811-0501 CVE-2018-9072 Input validation vulnerability in LXCI for VMware
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file downloads. LXCI for VMware contains an input validation vulnerability. Information may be obtained. Lenovo XClarity Integrator is prone to multiple security vulnerabilities: 1. An arbitrary-file-download vulnerability; 2. An arbitrary file-overwrite vulnerability. Attackers can overwrite arbitrary files on an unsuspecting user's computer in the context of the vulnerable application or download arbitrary files from the device filesystem and obtain potentially sensitive information. The following versions of Lenovo XClarity Integrator are vulnerable: Lenovo XClarity Integrator for VMware versions prior to 5.5 are vulnerable. Lenovo XClarity Integrator for Microsoft System Center versions prior to 3.5 are vulnerable. Lenovo XClarity Integrator (LXCI) for VMware is an application for VMware from Lenovo (China). The program offers extended capabilities such as infrastructure resource management, automation and IT service management. The vulnerability stems from the fact that the program does not adequately filter the input when downloading files.
VAR-201811-0333 CVE-2018-16093 LXCI for VMware vulnerable to unrestricted upload of dangerous types of files
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file. LXCI for VMware contains a vulnerability related to unrestricted upload of dangerous types of files. Information may be tampered with. Lenovo XClarity Integrator is prone to multiple security vulnerabilities: 1. An arbitrary-file-download vulnerability; 2. An arbitrary file-overwrite vulnerability. Attackers can overwrite arbitrary files on an unsuspecting user's computer in the context of the vulnerable application or download arbitrary files from the device filesystem and obtain potentially sensitive information. The following versions of Lenovo XClarity Integrator are vulnerable: Lenovo XClarity Integrator for VMware versions prior to 5.5 are vulnerable. Lenovo XClarity Integrator for Microsoft System Center versions prior to 3.5 are vulnerable. Lenovo XClarity Integrator (LXCI) for VMware is an application for VMware from Lenovo (China). The program offers extended capabilities such as infrastructure resource management, automation and IT service management. The vulnerability stems from the fact that the program does not perform sufficient filtering when uploading backup files.
VAR-201811-0337 CVE-2018-16097 LXCI for VMware and LXCI for Microsoft System Center vulnerable to unrestricted upload of dangerous types of files
CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5 allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate. LXCI for VMware and LXCI for Microsoft System Center contain a vulnerability related to unrestricted upload of dangerous types of files. Information may be tampered with. Lenovo XClarity Integrator is prone to multiple security vulnerabilities: 1. An arbitrary-file-download vulnerability; 2. An arbitrary file-overwrite vulnerability. Attackers can overwrite arbitrary files on an unsuspecting user's computer in the context of the vulnerable application or download arbitrary files from the device filesystem and obtain potentially sensitive information. Lenovo XClarity Integrator (LXCI) for VMware is an application for VMware from Lenovo (China). The program offers extended capabilities such as infrastructure resource management, automation and IT service management. LXCI for Microsoft System Center is the version for Microsoft System Center. The vulnerability stems from insufficient verification when uploading certificates.
VAR-201812-0558 CVE-2018-19665 QEMU integer overflow vulnerability
CVSS V2: 2.7
CVSS V3: 5.7
Severity: MEDIUM
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. QEMU contains an integer overflow vulnerability. Service operation may be disrupted (DoS). QEMU is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Attackers can exploit this issue to crash the QEMU instance, resulting in a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
VAR-201811-0075 CVE-2018-12239 Vulnerabilities related to security functions in multiple Symantec products
CVSS V2: 4.6
CVSS V3: 6.8
Severity: MEDIUM
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. Multiple Symantec products contain vulnerabilities related to security functions. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Multiple Symantec products are prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Symantec Norton and others are products of Symantec Corporation of the United States. Symantec Norton is an antivirus program. Endpoint Protection (SEP) is an endpoint protection program. Attackers can exploit this vulnerability to bypass detection by virus detection engines.
VAR-201811-0074 CVE-2018-12238 Vulnerabilities related to security functions in multiple Symantec products
CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. Multiple Symantec products contain vulnerabilities related to security functions. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Multiple Symantec products are prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Symantec Norton and others are products of Symantec Corporation of the United States. Symantec Norton is an antivirus program. Endpoint Protection (SEP) is an endpoint protection program. Attackers can exploit this vulnerability to bypass detection by virus detection engines.
VAR-201811-0194 CVE-2018-18203 Digital signature verification vulnerability in Subaru StarLink Harman head units
CVSS V2: 6.9
CVSS V3: 6.4
Severity: MEDIUM
A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images (as long as the attacker obtains access to certain Harman decryption/encryption code) as a consequence of a bug where unsigned images pass a validity check. An attacker could potentially install persistent malicious head unit firmware and execute arbitrary code as the root user. The FHI Subaru StarLink Harman is a vehicle produced by the Japanese company Fuji Heavy Industries (FHI).
VAR-201811-0125 CVE-2018-11921 Error handling vulnerability in multiple Snapdragon products
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear contain an error handling vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-109678453, A-111089815, A-112279482, A-112278875, A-109678259, A-111088838, A-111092944, A-112278972, A-112279521, A-112279426, A-112279483, A-112279144, A-112279544, and A-119050566. Qualcomm MDM9206 and others are products of Qualcomm. The Qualcomm MDM9206 is a central processing unit (CPU). SDX24 is a modem. A security vulnerability exists in Content Protection in several Qualcomm Snapdragon products. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements.
VAR-201811-0555 CVE-2018-5918 Buffer error vulnerability in multiple Snapdragon products
CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Possible buffer overflow in DRM Trusted application due to a lack of checks of function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear contain a buffer error vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS).
VAR-201811-0178 CVE-2018-15441 SQL injection vulnerability in Cisco Prime License Manager
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres user. This issue is being tracked by Cisco Bug ID CSCvk30822. Cisco Prime License Manager (PLM) is a license manager from Cisco.
VAR-201811-0348 CVE-2018-18982 NUUO CMS SQL injection vulnerability
CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
In NUUO CMS, all versions 3.3 and prior, the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL into an executing statement and allow arbitrary code execution. NUUO CMS contains an SQL injection vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). NUUO CMS is a central software management platform from NUUO. The platform is used to centrally manage NVR (DVR), IP cameras and other devices, and provides user management and alarm management. There is a SQL injection vulnerability in NUUO CMS 3.3 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary code.
VAR-201811-0095 CVE-2018-17936 NUUO CMS vulnerable to unrestricted upload of dangerous types of files
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In NUUO CMS, all versions 3.3 and prior, the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution. NUUO CMS contains a vulnerability related to unrestricted upload of dangerous types of files. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). NUUO CMS is a central software management platform of NUUO. The platform is used to centrally manage NVR (hard disk video recorders), IP cameras and other equipment, and provides functions such as user management and alarm management. There are security vulnerabilities in NUUO CMS 3.3 and earlier versions.
VAR-201811-0094 CVE-2018-17934 NUUO CMS path traversal vulnerability
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In NUUO CMS, all versions 3.3 and prior, the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code. NUUO CMS contains a path traversal vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). NUUO CMS is a central software management platform from NUUO. The platform is used to centrally manage NVR (DVR), IP cameras and other devices, and provides user management and alarm management. There are security vulnerabilities in NUUO CMS 3.3 and earlier.
VAR-201811-0317 CVE-2018-16130 Xiaomi Mi Router 3 command injection vulnerability
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter. Xiaomi Mi Router 3 contains a command injection vulnerability. Information may be acquired, information may be falsified, and a denial of service (DoS) may result. Xiaomi Mi Router 3 is a wireless router product of Xiaomi (China). A system command injection vulnerability exists in the request_mitv endpoint in Xiaomi Mi Router 3 version 2.22.15.
VAR-201811-0241 CVE-2018-13023 Xiaomi Mi Router 3 command injection vulnerability
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter. Xiaomi Mi Router 3 contains a command injection vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Xiaomi Mi Router 3 is a wireless router product of Xiaomi (China). A system command injection vulnerability exists in the wifi_access endpoint in Xiaomi Mi Router 3 version 2.22.15.
VAR-201811-0240 CVE-2018-13022 Xiaomi Mi Router 3 cross-site scripting vulnerability
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path. Xiaomi Mi Router 3 contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Xiaomi Mi Router 3 is a wireless router product of Xiaomi (China). A cross-site scripting vulnerability exists in the API 404 page in Xiaomi Mi Router 3 version 2.22.15.
VAR-201812-0551 CVE-2018-19615 Allen-Bradley PowerMonitor 1000 cross-site scripting vulnerability
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Affects Rockwell Automation Allen-Bradley PowerMonitor 1000, all versions. A remote attacker could inject arbitrary code into a targeted user’s web browser to gain access to the affected device. Rockwell Automation Allen-Bradley PowerMonitor 1000 contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. A cross-site scripting vulnerability exists in the /Security/Security.shtm page in Rockwell Automation Allen-Bradley PowerMonitor 1000.
VAR-201812-0552 CVE-2018-19616 Rockwell Automation Allen-Bradley PowerMonitor 1000 Access Control Error Vulnerability

Related entries in the VARIoT exploits database: VAR-E-201812-0198
CVSS V2: 6.8
CVSS V3: 8.1
Severity: HIGH
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. Rockwell Automation Allen-Bradley PowerMonitor 1000 contains an access control vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). An access control error vulnerability exists in the web page of Rockwell Automation Allen-Bradley PowerMonitor 1000, which could allow an attacker to add new users with administrator privileges. An attacker may leverage these issues to bypass certain security restrictions, obtain sensitive information and execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. An attacker could exploit this vulnerability to add/edit/remove administrator accounts.