VARIoT IoT vulnerabilities database


VAR-201705-3750 CVE-2017-7967 Schneider Electric VAMPSET Local Memory Corruption Vulnerability
CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and the file is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As the Windows operating system remains operational and VAMPSET responds, it can be shut down through its normal closing protocol. Schneider Electric VAMPSET software contains a buffer error vulnerability. A denial of service (DoS) condition may result. Schneider Electric VAMPSET is software from Schneider Electric, France, deployed in the energy industry to configure and maintain multiple relays and arc monitors. An attacker could exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. This can lead to a denial of service condition. Failed exploit attempts will likely cause denial-of-service conditions.
VAR-201804-0657 CVE-2017-6425 Qualcomm Video driver information disclosure vulnerability
CVSS V2: 4.3
CVSS V3: 3.3
Severity: LOW
An information disclosure vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-32577085. References: QC-CR#1103689. This vulnerability is published as Android ID: A-32577085 and Qualcomm QC-CR#1103689. Information may be obtained. Google Pixel/Pixel XL is a smartphone from Google Inc. in the United States. An attacker could exploit this vulnerability to obtain potentially sensitive information that could lead to further attacks. Google Pixel/Pixel XL are prone to an information-disclosure vulnerability. Information obtained may aid in further attacks.
VAR-201704-0947 CVE-2017-2111 Multiple I-O DATA network camera products vulnerable to HTTP header injection
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier may allow remote attackers to display false information. Multiple network camera products provided by I-O DATA DEVICE, INC. contain an HTTP header injection vulnerability. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported respective vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Forged information may be displayed on the logged-in user's web browser by exploiting HTTP response splitting. I-O DATA TS-WLC2 and so on are all network cameras from I-O DATA DEVICE, Japan. Remote attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions or to insert a crafted HTTP header into an HTTP response that could cause a web page redirection to a possible malicious website. IO DATA TS-WLC2 etc
VAR-201704-0948 CVE-2017-2112 Multiple I-O DATA network camera products vulnerable to OS command injection
CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. Multiple network camera products provided by I-O DATA DEVICE, INC. contain an OS command injection vulnerability. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported respective vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. A remote unauthenticated attacker may execute an arbitrary OS command on the product. I-O DATA TS-WLC2 and so on are all network cameras from I-O DATA DEVICE, Japan. Remote attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions or to insert a crafted HTTP header into an HTTP response that could cause a web page redirection to a possible malicious website. IO DATA TS-WLC2 etc
VAR-201704-0949 CVE-2017-2113 Multiple I-O DATA network camera products vulnerable to buffer overflow
CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. Multiple network camera products provided by I-O DATA DEVICE, INC. contain a buffer overflow vulnerability. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported respective vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. A remote unauthenticated attacker may execute an arbitrary OS command on the product. I-O DATA TS-WLC2 and so on are all network cameras from I-O DATA DEVICE, Japan. Remote attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions or to insert a crafted HTTP header into an HTTP response that could cause a web page redirection to a possible malicious website. IO DATA TS-WLC2 etc
VAR-201704-0649 CVE-2017-3848 Cisco Prime Infrastructure of HTTP Web-based management interface vulnerable to cross-site scripting attacks
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. More Information: CSCuw63001 CSCuw63003. Known Affected Releases: 2.2(2). Known Fixed Releases: 3.1(0.0). An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug IDs CSCuw63001 and CSCuw63003. Cisco Prime Infrastructure (PI) is a set of Cisco wireless management solutions that use Cisco Prime LAN Management Solution (LMS) and Cisco Prime Network Control System (NCS) technology.
VAR-201703-0642 CVE-2017-2685 Siemens SINUMERIK Integrate Operate Client In TLS Vulnerability to read session data
CVSS V2: 5.8
CVSS V3: 7.4
Severity: HIGH
Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack. Siemens SINUMERIK Integrate Operate Clients is a standard human interface system client for SINUMERIK digital control from Siemens AG. There is a man-in-the-middle security bypass vulnerability in Siemens SINUMERIK Integrate Operate Clients. Multiple Siemens products are prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks.
VAR-201703-0712 CVE-2017-3826 Cisco NetFlow Generation Appliance software Stream Control Transmission Protocol Service disruption at the decoder (DoS) Vulnerabilities
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320. The vendor has confirmed this vulnerability and released it as Bug ID CSCvc83320. A remote attacker could disrupt service operation (device hang or reload). Attackers can exploit this issue to reload the affected device, denying service to legitimate users. Cisco NetFlow Generation Appliance (NGA) is a set of scalable solutions for data center traffic visibility from Cisco. The solution provides features such as traffic analysis and other demand management. Stream Control Transmission Protocol (SCTP) decoder is one of the stream control transmission protocol decoders. A denial of service vulnerability exists in the SCTP decoder in Cisco NGA versions 3140, 3240, and 3340.
VAR-201702-0834 CVE-2017-5682 plural Intel Product Intel PSET Application Install Vulnerability in Wrapper that could launch processes with elevated privileges
CVSS V2: 9.3
CVSS V3: 7.3
Severity: HIGH
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges. The Intel PSET Application Install wrapper in multiple Intel products contains a vulnerability that allows processes to be launched with elevated privileges. An attacker could launch a process with elevated privileges. Multiple Intel products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. Intel Parallel Studio XE is a set of software for improving application performance and big data analysis; Intel Inspector is a set of tools for dynamic testing of memory access errors and thread access errors in applications.
VAR-201703-1065 CVE-2017-6351 WePresent WiPG-1500 Device firmware vulnerability with device hard-coded account login

Related entries in the VARIoT exploits database: VAR-E-201702-0236
CVSS V2: 9.3
CVSS V3: 8.1
Severity: HIGH
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account. This account is not documented, nor is the DEBUG feature or the use of telnetd on port tcp/5885. WePresent WiPG-1500 is a gateway newly launched by AWIND. WiPG-1500 connects to multi-platform devices (Windows/Mac/Pad/Smartphone/AirPad) and supports interactive presentations through finger touch technology and a virtual whiteboard. WePresent WiPG-1500 has a backdoor vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access to the device. wePresent WiPG-1500 is a wireless projection device produced by the Australian wePresentWiPG company for multimedia interactive teaching, large conferences, etc. A security vulnerability exists in wePresent WiPG-1500 devices using firmware version 1.0.3.7.
VAR-201703-1072 CVE-2017-6366 NETGEAR DGN2200 Cross-site request forgery vulnerability in router firmware

Related entries in the VARIoT exploits database: VAR-E-201702-0147
CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely. NETGEAR DGN2200 is a wireless router product of NETGEAR
VAR-201706-0550 CVE-2017-6324 Symantec Messaging Gateway Vulnerabilities related to authorization, permissions, and access control
CVSS V2: 7.5
CVSS V3: 7.3
Severity: HIGH
The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. This constitutes a 'bypass' of the disarm functionality resident to the application. Symantec Messaging Gateway contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Symantec Messaging Gateway is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Versions prior to Symantec Messaging Gateway 10.6.3-266 are vulnerable. Symantec Messaging Gateway is a set of anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies developed by Symantec.
VAR-201702-0311 CVE-2016-8105 Intel Ethernet Controller X710 and Ethernet Controller XL710 Service disruption in family drivers (DoS) Vulnerabilities
CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations. The Intel Ethernet Controller driver has a security vulnerability that allows a remote attacker to cause a denial of service by submitting a special request. An attacker can exploit this issue to cause denial-of-service conditions.
VAR-201702-0605 CVE-2017-5928 plural Web Implemented in browser W3C High Resolution Time API In AnC Attacked vulnerability
CVSS V2: 4.3
CVSS V3: 3.7
Severity: LOW
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code. W3C High Resolution Time API is a set of JavaScript interfaces that provide the current time in sub-millisecond resolution for web applications. A security vulnerability exists in W3C High Resolution Time API. An attacker could exploit the vulnerability to implement an AnC attack with specially crafted JavaScript code. W3C High Resolution Time API is prone to a security vulnerability. Attackers can exploit this issue to bypass certain security restrictions and gain access to some sensitive information. This may aid in further attacks.
VAR-201708-1313 CVE-2017-6328 Symantec Messaging Gateway Vulnerable to cross-site request forgery
CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross-site request forgery (also known as a one-click attack and abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser. Symantec Messaging Gateway contains a cross-site request forgery vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Symantec Messaging Gateway is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Versions prior to Symantec Messaging Gateway 10.6.3-267 are vulnerable. Symantec Messaging Gateway is a set of anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies developed by Symantec.
VAR-201702-1096 No CVE Command vulnerability in multiple devices of Redmi 2A mobile phone
CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
Redmi 2A mobile phone is a new model launched by Xiaomi on March 31, 2015. It is a derivative of Redmi Mobile 2. The processing functions for ioctl cmd = 0x40046b0a on the Redmi 2A kernel device /dev/hx170dec and for ioctl cmd = 0xc00c7503 on /dev/comip-ureg lack validity checks, allowing attackers to cause exceptions or gain privileges on the device.
VAR-201702-1097 No CVE D-Link DSL-2730U Denial of Service Vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The D-Link DSL-2730U is a router device. A denial of service vulnerability exists in the D-Link DSL-2730U that could allow an attacker to crash an application and cause a denial of service.
VAR-201702-1055 CVE-2017-6341 Dahua DHI-HCVR7216A-S3 Vulnerabilities that capture important information on devices
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interfaces, which allows remote attackers to obtain sensitive information by sniffing the network, a different vulnerability than CVE-2013-6117. This vulnerability is different from CVE-2013-6117. A remote attacker could intercept network traffic and gain valuable information. Dahua DHI-HCVR7216A-S3 is a network hard disk recorder product of Dahua Company of China. Multiple Dahua Security products are prone to an information-disclosure vulnerability.
VAR-201706-0551 CVE-2017-6325 Symantec Messaging Gateway Code injection vulnerability
CVSS V2: 6.0
CVSS V3: 6.6
Severity: MEDIUM
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application. Symantec Messaging Gateway contains a code injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Symantec Messaging Gateway is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible. Versions prior to Symantec Messaging Gateway 10.6.3-266 are vulnerable. Symantec Messaging Gateway is a set of anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies developed by Symantec.
VAR-201708-1312 CVE-2017-6327 Symantec Messaging Gateway Vulnerabilities related to authorization, permissions, and access control
CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges. Symantec Messaging Gateway contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Symantec Messaging Gateway is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code on the affected system. Versions prior to Symantec Messaging Gateway 10.6.3-267 are vulnerable. Symantec Messaging Gateway is a set of anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies developed by Symantec.