VARIoT IoT vulnerabilities database


VAR-201804-1417 CVE-2018-9248 Authentication vulnerability in FiberHome VDSL2 Modem HG 150-UB devices

Related entries in the VARIoT exploits database: VAR-E-201804-0344
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header. The device contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). FiberHome VDSL2 Modem HG 150-UB is a modem product from FiberHome of China. A security vulnerability exists in the FiberHome VDSL2 Modem HG 150-UB.
VAR-201804-1418 CVE-2018-9249 Authentication vulnerability in FiberHome VDSL2 Modem HG 150-UB devices
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. The device contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). FiberHome VDSL2 Modem HG 150-UB is a modem product from FiberHome of China. A security vulnerability exists in the FiberHome VDSL2 Modem HG 150-UB. An attacker could exploit the vulnerability to bypass authentication.
VAR-201911-1612 CVE-2017-17224 NULL pointer dereference vulnerability in multiple Huawei smartphone products
CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker can craft specific packets and send them to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to behave abnormally. Multiple Huawei smartphone products contain a NULL pointer dereference vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). HG655 is a router product of China's Huawei company. The Huawei HG655m router has a command injection vulnerability. An attacker can exploit the vulnerability to execute operating system commands on the device with higher privileges by forging a UPnP SOAP request.
VAR-201804-1281 CVE-2018-9119 Vulnerability related to lack of authentication for critical functions in BrilliantTS FUZE cards
CVSS V2: 3.6
CVSS V3: 6.1
Severity: MEDIUM
An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool. BrilliantTS FUZE card is a smart card product. The product can encrypt and store bank card, credit card and other smart card information.
VAR-201804-1341 CVE-2018-9285 OS command injection vulnerability in multiple ASUS products

Related entries in the VARIoT exploits database: VAR-E-202011-0179
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable. Multiple ASUS products contain an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). ASUS RT-AC66U and the others are all wireless router products from ASUS. Attackers can use the pingCNT and destIP fields of the SystemCmd variable to exploit this vulnerability and execute operating system commands with higher privileges. The following products and versions are affected: ASUS RT-AC66U; RT-AC68U; RT-AC86U; RT-AC88U; RT-AC1900; .382.39935 prior; RT-AC87U and RT-AC3200 prior to 3.0.0.4.382.50010; RT-AC5300 prior to 3.0.0.4.384.20287.
VAR-201804-0659 CVE-2017-8154 Access control vulnerability in Huawei Honor 8 Lite smartphone software
CVSS V2: 2.6
CVSS V3: 5.3
Severity: MEDIUM
The Themes app on Huawei Honor 8 Lite mobile phones with software versions before Prague-L31C576B172, before Prague-L31C530B160, and before Prague-L31C432B180 has a man-in-the-middle (MITM) vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may exploit this vulnerability to tamper with downloaded themes. Huawei Honor 8 Lite smartphone software contains a vulnerability related to access control. Information may be tampered with. Huawei Glory 8 Youth Edition is a smart phone device. There is a man-in-the-middle attack vulnerability in Huawei Glory 8 Youth Edition. The Themes app is a Huawei mobile theme application running on it. The following versions are affected: Huawei Honor 8 Youth Edition versions before Prague-L31C576B172, versions before Prague-L31C530B160, and versions before Prague-L31C432B180.
VAR-201805-0901 CVE-2018-6236 Race condition vulnerability in Trend Micro Maximum Security
CVSS V2: 6.9
CVSS V3: 7.0
Severity: HIGH
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Trend Micro Maximum Security (Consumer) contains a race condition vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The code is subject to a time-of-check/time-of-use race condition when processing data from the user. An attacker can leverage this vulnerability to escalate privileges to kernel. Failed exploit attempts will likely cause a denial-of-service condition. The following products and versions are vulnerable: Premium Security 12.0 and prior; Maximum Security 12.0 and prior; Internet Security 12.0 and prior; Antivirus + Security 12.0 and prior.
VAR-201805-0900 CVE-2018-6235 Out-of-bounds write vulnerability in Trend Micro Maximum Security
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Trend Micro Maximum Security (Consumer) contains an out-of-bounds vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products and versions are vulnerable: Premium Security 12.0 and prior; Maximum Security 12.0 and prior; Internet Security 12.0 and prior; Antivirus + Security 12.0 and prior.
VAR-201805-0899 CVE-2018-6234 Out-of-bounds read vulnerability in Trend Micro Maximum Security
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges to kernel. Failed exploit attempts will likely cause a denial-of-service condition. The following products and versions are vulnerable: Premium Security 12.0 and prior; Maximum Security 12.0 and prior; Internet Security 12.0 and prior; Antivirus + Security 12.0 and prior.
VAR-201805-0898 CVE-2018-6233 Buffer error vulnerability in Trend Micro Maximum Security
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products and versions are vulnerable: Premium Security 12.0 and prior; Maximum Security 12.0 and prior; Internet Security 12.0 and prior; Antivirus + Security 12.0 and prior.
VAR-201805-0897 CVE-2018-6232 Buffer error vulnerability in Trend Micro Maximum Security
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products and versions are vulnerable: Premium Security 12.0 and prior; Maximum Security 12.0 and prior; Internet Security 12.0 and prior; Antivirus + Security 12.0 and prior.
VAR-201804-1290 CVE-2018-8941 Buffer error vulnerability in D-Link DSL-3782 device firmware
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. The D-Link DSL-3782 device firmware contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DSL-3782 is a wireless router product from D-Link. A buffer overflow vulnerability exists in the Diagnostics feature of the D-Link DSL-3782 device using EU v. 1.01 firmware.
VAR-201804-1687 No CVE NMS2056S Login Bypass Vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NMS2056S is a high-performance monitoring host for power and environment monitoring in large and medium-sized computer rooms. NMS2056S has a login bypass vulnerability. An attacker can use this vulnerability to access the back end as an administrator and obtain sensitive information.
VAR-201804-1678 CVE-2018-3689 Input validation vulnerability in Intel Software Guard Extensions Platform Software Component
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM. AESM daemon is one of the AESM daemons. A local attacker could exploit this vulnerability to cause a denial of service.
VAR-201804-1317 CVE-2018-3645 Vulnerabilities related to authorization, permissions, and access control in Intel Remote Keyboard
CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session. Intel Remote Keyboard contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). The software supports remote control of a computer from a mobile phone.
VAR-201804-1316 CVE-2018-3641 Vulnerabilities related to authorization, permissions, and access control in Intel Remote Keyboard
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user. Intel Remote Keyboard contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Remote Keyboard is the remote keyboard software of Intel Corporation. The software supports remote control of a computer from a mobile phone.
VAR-201804-1303 CVE-2018-3638 Vulnerabilities related to authorization, permissions, and access control in Intel Remote Keyboard
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user. Intel Remote Keyboard contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Remote Keyboard is the remote keyboard software of Intel Corporation. The software supports remote control of a computer from a mobile phone. An elevation of privilege vulnerability exists in Intel Remote Keyboard.
VAR-201804-1221 CVE-2018-4109 Arbitrary code execution in a privileged context in the graphics driver component of multiple Apple products
CVSS V2: 9.3
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; watchOS is a smart watch operating system. A security vulnerability exists in the Graphics Driver component of Apple iOS versions prior to 11.2.5, tvOS versions prior to 11.2.5, and watchOS versions prior to 4.2.2.
VAR-201804-1060 CVE-2017-7075 Vulnerability in the Notes component of Apple iOS that allows sensitive information to be obtained
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content. Apple iOS is an operating system developed by Apple for mobile devices.
VAR-201804-1058 CVE-2017-7070 Vulnerability in the kernel component of Apple macOS that bypasses the screen lock protection mechanism
CVSS V2: 4.6
CVSS V3: 6.8
Severity: MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows physically proximate attackers to bypass the screen-locking protection mechanism that should have been in place upon closing the lid. The Apple macOS kernel component contains a vulnerability that bypasses the screen lock protection mechanism. An attacker with physical control of the device could bypass the screen lock protection mechanism. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. A security vulnerability exists in the Kernel component of Apple macOS Sierra prior to 10.12.4.