VARIoT IoT vulnerabilities database

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address. D-Link DIR-816 A2 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-816A2 is a wireless router product of D-Link. A stack buffer overflow vulnerability exists in D-LinkDIR-816A21.10B05

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters. D-Link DIR-816 A2 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-816A2 is a wireless router product of D-Link. A command injection vulnerability exists in D-LinkDIR-816A21.10B05, which is caused by a program using HTTP requests to build commands that an attacker can use to send arbitrary code to execute arbitrary code on the system. The /goform/NTPSyncWithHost in D-Link DIR-816 A2 version 1.10 B05 has an operating system command injection vulnerability

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address. D-Link DIR-816 A2 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-816A2 is a wireless router product of D-Link. A stack-based buffer overflow vulnerability exists in D-Link DIR-816 A2 version 1.10 B05

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol. Hangzhou Luoping Smart Locker Contains an access control vulnerability.Information may be tampered with. oBike is a bicycle sharing system of Singapore oBike Company. There is a security flaw in oBike

Hikvision is a video-centric IoT solution provider. Hikvisionhik-connect.com has an authentication vulnerability. An attacker could exploit the vulnerability to change the cookie value to someone else's user ID that would result in logging in with that user.

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has a denial-of-service vulnerability. An attacker can construct a specific network packet without authorization, and the vulnerability can cause the PLC to deny service

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has a remote controller removal vulnerability. An attacker can remotely clear all programs and configuration information of the controller in the PLC by constructing a specific modbus data packet

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has a remote control vulnerability. An attacker can use the vulnerability to cause the PLC to be remotely controlled by constructing a specific private protocol data packet

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has a denial of service vulnerability. An attacker can use the vulnerability to cause the PLC to deny service by constructing specific private protocol data packets

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has an arbitrary program removal vulnerability. An attacker can construct a specific network data packet by unauthorized use. The vulnerability can cause the program in the PLC controller to be maliciously removed

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has an arbitrary memory tampering vulnerability. An attacker can use the vulnerability to remotely tamper with PLC register values by constructing a specific modbus data packet

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has a denial of service vulnerability. An attacker can use the vulnerability to cause the PLC to be remotely controlled by constructing a specific private protocol data packet. PLC Be remotely controlled

Hollysys Group is a professional automation company integrating R & D, production, sales and technical services. Hollysys LE5109L PLC has an arbitrary memory read vulnerability. An attacker can construct a specific modbus data packet and use the vulnerability to cause any register value in the PLC to be read arbitrarily

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations. Huawei Mate RS Smartphones have access control vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. OPC UA The application contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. OPC UA applications is a platform-independent service-oriented unified architecture application from the OPC (OLE for Process Control) Foundation. SAP Plant Connectivity is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4359-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wireshark CVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 2.6.5-1~deb9u1. We recommend that you upgrade your wireshark packages. For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwk6BkACgkQEMKTtsN8 TjZeQg//epVGPGld0oOwn+9I3rD4C0GZMKOCtHW7xR5x+YKMntG7VzLAcSv33EEi hDj2V0ZFr8NIWab0qtTun4BQMMZ7J80hy//hFr9OcAu1apdG38KW0drMG2/sBBL8 HH6ndYLgrtxqbtmqNBxPrabq+Fj01jlCwTmrd9ig0/ZQOSlRbfM+Snfjxpmwlsgl x8ZoWi9TPD+ILZe2V6m4w81aR6FF3e540W6ADAJ233gpJbQ5mHvOlX1tJzPDTQOe 8KqGZ4FhYan7wO6u41gRHCtqMEymh1LRc+zTzeow9jNs7u83GRMT4bqerCkVKI3W JPr1+EbYNyZApWYzeigomGQSXiTMKvURm1NxevhhZW81y0xJgHS7q7gsvu1zitQl hUqA9r/F74Ts6uru+ubknk1OeA0UrY/ZXVMZUgsYAZ4vFvcvPzK2gqZoBMI0tAy5 PxAnScxMalJA8faUsjl/0O5URG/Sv0MKzLo9hexog7dE/vH0j5iuZqbhT7UDmvdL B2l7XwVlZCKI5pLgNhCqBSxf3mL7sr/wzpPF2YYuFGTGQ+doTy6C9GL1Z/J/087w Hbd7i5Pnu+GM+SXswSIsDNsq4fMYHrBJvJz+w2YWImdKuR9+fKSPAtdto/id5t9m s61uMXB9ul+5H0pw19otWQUvJog5qcCrTFLEe5F+CMUJDjWDqrY=xlYz -----END PGP SIGNATURE-----

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. HP Integrated Lights-Out is prone to local privilege escalation and information-disclosure vulnerabilities. An attacker can exploit these issues to execute arbitrary code with elevated privileges and obtain sensitive information that may aid in launching further attacks. HPE iLO 3, 4, and 5 have security vulnerabilities

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy. ASUS GT-AC5300 The router contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The ASUSGT-AC5300 is a wireless router from ASUS. A buffer overflow vulnerability exists in ASUSGT-AC53003.0.0.4.384_32738 and earlier

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g bandwidth. TP-Link TL-WR886N The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. TP-LinkTL-WR886N is a wireless router product of China TP-LINK. There are security vulnerabilities in TP-LinkTL-WR886N6.02.3.4 and 7.01.1.0. A security vulnerability exists in TP-Link TL-WR886N 6.0 2.3.4 version and 7.0 1.1.0 version

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g isolate. TP-Link TL-WR886N The device contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. TP-LinkTL-WR886N is a wireless router product of China TP-LINK. There are security vulnerabilities in TP-LinkTL-WR886N6.02.3.4 and 7.01.1.0. A security vulnerability exists in TP-Link TL-WR886N 6.0 2.3.4 version and 7.0 1.1.0 version

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info set_block_flag up_limit. TP-Link TL-WR886N The device contains an input validation vulnerability.Denial of service (DoS) May be in a state. TP-LinkTL-WR886N is a wireless router product of China TP-LINK. There are security vulnerabilities in TP-LinkTL-WR886N6.02.3.4 and 7.01.1.0. A security vulnerability exists in TP-Link TL-WR886N 6.0 2.3.4 version and 7.0 1.1.0 version