VARIoT IoT vulnerabilities database

VAR-201804-1270 | CVE-2018-7243 | Schneider Electric 66074 MGE Network Management Card Transverse Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An authorization bypass vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to gain full access to the device, bypassing the authorization system. Schneider Electric MGE UPS and MGE STS are products of Schneider Electric. Schneider Electric MGE UPS is an uninterruptible power supply unit. MGE STS is a static switch. The 66074 MGE Network Management Card Transverse is one of the network management cards (network cards). There are security vulnerabilities in the 66074 MGE Network Management Card Transverse in Schneider Electric MGE UPS and MGE STS.
VAR-201804-0997 | CVE-2018-0243 | Cisco Firepower System Software Vulnerability in protection mechanism |
CVSS V2: 5.0 CVSS V3: 5.8 Severity: MEDIUM |
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807. The vendor has released this vulnerability as Bug ID CSCvg68807. Information may be tampered with.
Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The detection engine is one of the intrusion detection engines. The vulnerability stems from the fact that the program does not detect SMB2 or SMB3 files
VAR-201804-1240 | CVE-2018-6413 | Hikvision Camera DS-2CD9111-S Buffer error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request. Hikvision Camera DS-2CD9111-S contains a buffer error vulnerability. The device may be put into a service operation interruption (DoS) state. Hikvision Camera DS-2CD9111-S is a network camera product of China Hikvision Company. The vulnerability stems from the fact that the program does not fully verify some values in the message.
VAR-201804-1010 | CVE-2018-0228 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software resource management vulnerability |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition during which traffic through the device could be delayed. This vulnerability applies to either IPv4 or IPv6 ingress traffic. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 2100 Series Security Appliances, Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvf63718. The vendor has released this vulnerability as Bug ID CSCvf63718. The device may be put into a service operation interruption (DoS) state.
Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU memory consumption. The affected products are security firewall devices from Cisco.
VAR-201804-1016 | CVE-2018-0238 | Cisco Unified Computing System Director Authentication vulnerability |
CVSS V2: 9.0 CVSS V3: 9.9 Severity: CRITICAL |
A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any permitted operations on any virtual machine. The permitted operations can be configured for the end user on the virtual machines with either of the following settings: The virtual machine is associated to a Virtual Data Center (VDC) that has an end user self-service policy attached to the VDC. The end user role has VM Management Actions settings configured under User Permissions. This is a global configuration, so all the virtual machines visible in the end-user portal will have the VM management actions available. The vulnerability is due to improper user authentication checks. An attacker could exploit this vulnerability by logging in to the UCS Director with a modified username and valid password. A successful exploit could allow the attacker to gain visibility into and perform actions against all virtual machines in the UCS Director end-user portal of the affected system. This vulnerability affects Cisco Unified Computing System (UCS) Director releases 6.0 and 6.5 prior to patch 3 that are in a default configuration. Cisco Bug IDs: CSCvh53501. The vendor has released this vulnerability as Bug ID CSCvh53501. Information may be obtained, information may be altered, and the system may be put into a service operation interruption (DoS) state.
Successful exploits will allow attackers to obtain sensitive information. This may aid in further attacks. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology. The vulnerability is caused by the program not correctly detecting user identities
VAR-201804-1012 | CVE-2018-0230 | Cisco Firepower Threat Defense Software depletion vulnerability |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098. The vendor has released this vulnerability as Bug ID CSCvf91098. The device may be put into a service operation interruption (DoS) state.
Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU consumption
VAR-201804-1017 | CVE-2018-0239 | Cisco StarOS Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition. The vulnerability is due to the failure to properly check that the length of a packet to transmit does not exceed the maximum supported length of the network interface card (NIC). An attacker could exploit this vulnerability by sending a crafted IP packet or a series of crafted IP fragments through an interface on the targeted device. A successful exploit could allow the attacker to cause the network interface to cease forwarding packets. This vulnerability could be triggered by either IPv4 or IPv6 network traffic. This vulnerability affects the following Cisco products when they are running the StarOS operating system and a virtual interface card is installed on the device: Aggregation Services Router (ASR) 5700 Series, Virtualized Packet Core-Distributed Instance (VPC-DI) System Software, Virtualized Packet Core-Single Instance (VPC-SI) System Software. Cisco Bug IDs: CSCvf32385. Cisco StarOS contains an input validation vulnerability. The vendor has released this vulnerability as Bug ID CSCvf32385. The device may be put into a service operation interruption (DoS) state. The Cisco Aggregation Services Router (ASR) 5000 Series Routers is a 5000 series of secure router devices. Virtualized Packet Core (VPC) System Software is a commercial version of the StarOS software deployed on a dedicated hardware platform. StarOS is a set of operating systems used in it.
VAR-201804-1003 | CVE-2018-0257 | Cisco cBR Series Converged Broadband Routers IOS XE Resource Management Error Vulnerability |
CVSS V2: 3.3 CVSS V3: 4.3 Severity: MEDIUM |
A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the incorrect handling of certain DHCP packets. An attacker could exploit this vulnerability by sending certain DHCP packets to a specific segment of an affected device. A successful exploit could allow the attacker to increase CPU usage on the affected device and cause a DoS condition. Cisco Bug IDs: CSCvg73687. Cisco IOS XE Software contains a resource management vulnerability. The vendor has released this vulnerability as Bug ID CSCvg73687. The device may be put into a service operation interruption (DoS) state. Cisco cBR Series Converged Broadband Routers is a cBR series router device from Cisco. IOS XE is one of the operating systems dedicated to Cisco network devices. A resource management error vulnerability exists in IOS XE on Cisco cBR Series Converged Broadband Routers that caused the program to fail to properly handle DHCP packets.
VAR-201804-0998 | CVE-2018-0244 | Cisco Firepower System Vulnerability related to failure of protection mechanism in software |
CVSS V2: 5.0 CVSS V3: 5.8 Severity: MEDIUM |
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141. The vendor has released this vulnerability as Bug ID CSCvc20141. Information may be tampered with.
Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The detection engine is one of the intrusion detection engines
VAR-201804-1000 | CVE-2018-0254 | Cisco Firepower System Software Vulnerability in protection mechanism |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435. Cisco Firepower System Software contains a vulnerability related to failure of the protection mechanism. The vendor has released this vulnerability as Bug ID CSCvf86435. Information may be tampered with. The detection engine is one of the intrusion detection engines.
VAR-201804-0995 | CVE-2018-0241 | Cisco IOS XR Software resource management vulnerability |
CVSS V2: 6.1 CVSS V3: 7.4 Severity: HIGH |
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625. The vendor has released this vulnerability as Bug ID CSCvi35625. The device may be put into a service operation interruption (DoS) state.
Attackers can exploit this issue to cause the denial-of-service conditions
VAR-201804-1002 | CVE-2018-0256 | Cisco Packet Data Network Gateway Input Validation Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.8 Severity: MEDIUM |
A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect validation of peer-to-peer packet headers. An attacker could exploit this vulnerability by sending a crafted peer-to-peer packet through an affected device. A successful exploit could allow the attacker to cause the SESSMGR process on the affected device to restart unexpectedly, which could briefly impact traffic while the SESSMGR process restarts and result in a DoS condition. Cisco Bug IDs: CSCvg88786. The vendor has released this vulnerability as Bug ID CSCvg88786. The device may be put into a service operation interruption (DoS) state.
VAR-201804-1019 | CVE-2018-0273 | Cisco StarOS Resource management vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of corrupted Internet Key Exchange Version 2 (IKEv2) messages. An attacker could exploit this vulnerability by sending crafted IKEv2 messages toward an affected router. A successful exploit could allow the attacker to cause the ipsecmgr service to reload. A reload of this service could cause all IPsec VPN tunnels to be terminated and prevent new tunnels from being established until the service has restarted, resulting in a DoS condition. This vulnerability affects the following Cisco products when they are running Cisco StarOS: Cisco Aggregation Services Router (ASR) 5000 Series Routers, Virtualized Packet Core (VPC) System Software. Cisco Bug IDs: CSCve29605. Cisco StarOS contains a resource management vulnerability. The vendor has released this vulnerability as Bug ID CSCve29605. The device may be put into a service operation interruption (DoS) state. Virtualized Packet Core (VPC) System Software is a commercial version of the StarOS software deployed on a dedicated hardware platform. StarOS is a set of operating systems used in it. IPsec Manager is one of the IPsec managers.
VAR-201804-1020 | CVE-2018-0275 | Cisco Identity Services Engine Vulnerabilities in environment settings |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking the device into unlocking the support user account and accessing the tunnel password and device serial number. A successful exploit could allow the attacker to run any system command with root access. This affects Cisco Identity Services Engine (ISE) software versions prior to 2.2.0.470. Cisco Bug IDs: CSCvf54409. The vendor has released this vulnerability as Bug ID CSCvf54409. Information may be obtained, information may be altered, and the system may be put into a service operation interruption (DoS) state.
An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies
VAR-201804-1018 | CVE-2018-0272 | Cisco Firepower System Software Vulnerabilities in resource management |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this vulnerability by sending a large volume of crafted SSL traffic to the vulnerable device. A successful exploit could allow the attacker to degrade the device performance by triggering a persistent high CPU utilization condition. Cisco Bug IDs: CSCvh89340. Cisco Firepower System Software contains a resource management vulnerability. The vendor has published this vulnerability as Bug ID CSCvh89340. The device may be put into a denial of service (DoS) state.
Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU memory consumption. The Secure Sockets Layer (SSL) Engine is one of the SSL (Secure Sockets Layer protocol) engines.
VAR-201804-1007 | CVE-2018-0267 | Cisco Unified Communications Manager Vulnerable to information disclosure |
CVSS V2: 2.1 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view sensitive information that should have been restricted. Cisco Bug IDs: CSCvf22116. The vendor has released this vulnerability as Bug ID CSCvf22116. Information may be obtained. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution.
VAR-201804-1006 | CVE-2018-0266 | Cisco Unified Communications Manager Vulnerable to information disclosure |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view configuration parameters. Cisco Bug IDs: CSCvf20218. The vendor has released this vulnerability as Bug ID CSCvf20218. Information may be obtained.
An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution
VAR-201804-1335 | CVE-2018-7759 | Multiple Schneider Electric products buffer error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied. Multiple Schneider Electric products contain a buffer error vulnerability. The device may be put into a service operation interruption (DoS) state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. A remote attacker could exploit the vulnerability by sending a specially crafted request to cause a denial of service (crash).
VAR-201804-1334 | CVE-2018-7758 | Multiple Schneider Electric products vulnerability related to session expiration |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated, which could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCP/IP session is still open with identical IP address and port number. Multiple Schneider Electric products contain a session expiration vulnerability. The device may be put into a service operation interruption (DoS) state. Schneider Electric MiCOM Px4x, MiCOM P540D Range and MiCOM Px4x Rejuvenated are relay products of the French company Schneider Electric. Attackers can exploit this vulnerability to disable network communication for users. The following products and versions are affected: Schneider Electric MiCOM P14x version 46, all D6 versions except MiCOM P44x D6(E), MiCOM P64x, MiCOM P849 (MiCOM Px4x); MiCOM P445 version 35, version 36, version 37, version E0, F0* version, F1 version, F2 version, MiCOM P443 Version 54, Version 55, Version 57, Version B0, Version D0*, Version D1, Version D2, P446 Version 54, Version 55, Version 57, Version B0, Version D0*, Version D1, Version D2, MiCOM P543 to P546 44 Version, Version 54, Version 45, Version 55, Version 47, Version 57, Version A0, Version B0, Version C0*, Version DO*, Version D1, Version D2, MiCOM P841A Version 44, Version 45, Version 47, Version A0, C0(*) version, C1 version, C2 version, MiCOM P841B 54 version, 55 version, 57 version, B0 version, D0*) version, D1 version, D2 (MiCOM P540D Range); MiCOM P443 H4 version, MiCOM P445 H4 version, MiCOM P446 H4 version, MiCOM All P54x H4 version, MiCOM P841A H4 version, MiCOM P841B H4 version, other versions except MiCOM P14x B2(B), MiCOM P44x, MiCOM P64x, MiCOM P746, MiCOM P849 (MiCOM Px4x Rejuvenated)
VAR-201804-0880 | CVE-2018-10110 | D-Link DIR-615 Device cross-site scripting vulnerability |
Related entries in the VARIoT exploits database: VAR-E-201804-0244 |
CVSS V2: 3.5 CVSS V3: 4.8 Severity: MEDIUM |
D-Link DIR-615 T1 devices allow XSS via the Add User feature. The D-Link DIR-615 device contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-615 is a small wireless router product of D-Link. There is a cross-site scripting vulnerability in the D-Link DIR-615 T1 version. The vulnerability is caused by the program not correctly validating the input submitted by the user. Remote attackers can exploit this vulnerability to inject malicious scripts into web pages by using the Add User function.