VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201702-0437 CVE-2016-5919 IBM Security Access Manager Vulnerability in decrypting important information CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The product enables access management control through integrated appliances for web, mobile and cloud computing
VAR-201702-0801 CVE-2017-3801 Cisco UCS Director of Web Base of GUI Vulnerable to elevation of privilege CVSS V2: 4.6
CVSS V3: 8.8
Severity: HIGH
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco Bug IDs: CSCvb64765. An attacker can leverage this issue to gain elevated privileges. This may aid in further attacks. Cisco UCS Director versions 6.0.0.0 and 6.0.0.1 are vulnerable. The solution supports users to manage computing power, network services, storage, and virtual machines from a single management console to deploy and release IT services more quickly and at low cost. A local attacker could exploit this vulnerability to perform arbitrary operations
VAR-201807-0128 CVE-2016-9496 Hughes satellite modems contain multiple vulnerabilities CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboot. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. HN7740S, DW7000 and HN7000S/SM are the modems used in it. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34
VAR-201807-0127 CVE-2016-9495 Hughes satellite modems contain multiple vulnerabilities CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34
VAR-201807-0126 CVE-2016-9494 Hughes satellite modems contain multiple vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple Hughes Satellite Modems are prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. An attacker could exploit this vulnerability by sending a specially crafted GET request to cause a denial of service. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34
VAR-201705-3256 CVE-2017-5174 Geutebruck IP Camera G-Cam/EFD-2250 Access control vulnerability

Related entries in the VARIoT exploits database: VAR-E-201702-0193
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution. Geutebruck IP Camera G-Cam/EFD-2250 Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. An attacker exploited the vulnerability to gain unauthorized access to the affected device environment. Failed exploit attempts may result in a denial-of-service condition. G-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is germany Geutebruck A network camera of the company
VAR-201705-3255 CVE-2017-5173 Geutebruck G-Cam/EFD-2250 Remote code execution vulnerability

Related entries in the VARIoT exploits database: VAR-E-201702-0193
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution. The Geutebruck G-Cam/EFD-2250 provides a faster and safer solution for remote monitoring applications. A remote code execution vulnerability exists in Geutebruck G-Cam/EFD-2250. An attacker exploited the vulnerability to execute arbitrary code. A failed attack can result in a denial of service. Attackers may exploit these issues to gain unauthorized access to the affected device and to execute arbitrary code within the context of the affected device. G-Cam/EFD-2250 1.11.0.12 is vulnerable; other versions may also be affected. Geutebruck IP Camera G-Cam/EFD-2250 is a network camera produced by German Geutebruck company
VAR-201702-1128 No CVE SAP NetWeaver Denial of Service Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
SAP NetWeaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
VAR-201702-0669 CVE-2017-2684 Siemens SIMATIC Logon Vulnerabilities that bypass application-level authentication CVSS V2: 6.8
CVSS V3: 9.0
Severity: CRITICAL
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG. There is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT
VAR-201705-4094 CVE-2017-8913 SAP NetWeaver AS JAVA of Visual Composer VC70RUNTIME In the component XML External entity attack vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873. SAP Netweaver Visual Composer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks
VAR-201702-1124 No CVE SAP Netweaver Remote Authorization Bypass Vulnerability CVSS V2: -
CVSS V3: -
Severity: -
SAP Netweaver is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks.
VAR-201805-0169 CVE-2017-5175 Advantech WebAccess DLL Hijacking vulnerability CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code. Advantech WebAccess Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A DLL hijacking vulnerability exists in Advantech WebAccess 8.1 and earlier. Advantech WebAccess is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. Advantech WebAccess 8.1 and prior are vulnerable
VAR-201704-0652 CVE-2017-5670 Riverbed RiOS Vulnerability in which important information is obtained CVSS V2: 2.1
CVSS V3: 4.6
Severity: MEDIUM
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks. RiverbedSteelhead is a hardware device used to optimize and accelerate network traffic. Implemented as a TLS endpoint, they have a secure library that stores the server's private TLS certificate. There is a local security bypass vulnerability in RiverbedRiOS. The attacker exploited the vulnerability to bypass some security restrictions and perform unauthorized operations
VAR-201702-0887 CVE-2017-2374 Apple GarageBand and Logic Pro X Update for vulnerabilities CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file. Apple From GarageBand and Logic Pro X An update for has been released.Crafted GarageBand An arbitrary code may be executed by opening the project file. Apple GarageBand is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code on the affected system. Failed exploit attempts may result in a denial-of-service condition. Apple GarageBand is a set of music production software from Apple (Apple). A memory corruption vulnerability exists in versions of Apple GarageBand prior to 10.1.6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-02-21-1 GarageBand 10.1.6 GarageBand 10.1.6 is now available and addresses the following: Projects Available for: OS X Yosemite v10.10 or later Impact: Opening a maliciously crafted GarageBand Project file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2374: Tyler Bohan of Cisco Talos Installation note: GarageBand may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYrImXAAoJEIOj74w0bLRGyr0QAILapV0W5UfNAcFn8FeZIXKw H10/c+doJ41Y3QQH+4qo+Y0eMVlKLc8zkQk0Ocz+e3RYtScFCELVysX037qczPuW Znr9lvycMgpuYfIosWmde+1FF7nvSiN7RvAVRMBN4OIOmFT82h+vFxZf2Zeka4JL Ali8kh6uK3W3A8kNJiO0sM/r0G8nRf6OvgtH5YL9gjBc9e6J1m4upx4KEMPRlaiY Ykn7Y03gYk11LwTlB1Q5f+b88VTMtItPLadal3ICQONXGGBu6GyvjOLQVAxVvggn K4pgPRSDh/YvRlCcXl319sJigg+0Fa6gFk/NHcMI4YzOhxWHNUWDzrG721aJCRer 6YWcD6LgHsJODi8yp4yuJ3DbESh3WFiWS4ATVJThOuW8hATGhukbPHvwcoPaM3rN 5MLhImi9QpT2rE92DpQ5X0m/KzLdhOrgk3CnyR1aKmP2L2qD4ZbKlwdMwIKByxlW ypcv+C9BP31KcPLbLhsQGOuNb4NGeTbKv/yQvHB3KeN/w750WtMamT2CE8sFkPnu +X5wQk6pZi6e4Xc5nQbLkIHEPtZNo4O8qUoPPmaTsK6lwcvB1C5/09Zcfc3pOBy7 +Cp+6dimx/nbCcK4dW8QzIZIEd88hXhk9I441lBUGE4AMXU6l5npV/DaZTZOj6Ga b9ZTShls177KyTLSw0CW =gmwM -----END PGP SIGNATURE-----
VAR-201702-1107 No CVE There is a command execution vulnerability in the Rico Virtual VPN Gateway CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The virtual VPN gateway is a virtual gateway device of Ruike Electronic Technology Co., Ltd. There is a command execution vulnerability in the Rico Virtual VPN Gateway that allows an attacker to exploit arbitrary commands or reveal sensitive information.
VAR-201702-0190 CVE-2016-7762 Apple iOS Used in etc. Webkit Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebKit" component, which allows XSS attacks against Safari. Webkit Contains a cross-site scripting vulnerability.Safari May be subjected to a cross-site scripting attack. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome
VAR-201702-0189 CVE-2016-7761 Apple macOS of WiFi Vulnerabilities in which important network configuration information is obtained in components CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "WiFi" component, which allows local users to obtain sensitive network-configuration information by leveraging global storage. Apple macOS is prone to a local information-disclosure vulnerability. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. WiFi is one of the wireless connectivity components
VAR-201702-0052 CVE-2016-6249 F5 BIG-IP of REST Vulnerability in obtaining important information in requests CVSS V2: 2.1
CVSS V3: 5.3
Severity: MEDIUM
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files. Multiple F5 BIG-IP Products are prone to an information-disclosure vulnerability. This may lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. REST Framework Logging is one of the logging framework components. The vulnerability stems from the fact that the program stores sensitive attributes (including passwords) in the /var/log/restjavad.0.log file in plain text. The following products and versions are affected: F5 BIG-IP LTM Release 12.0.0, Release 11.5.0 through Release 11.6.1; BIG-IP AAM Release 12.0.0, Release 11.5.0 through Release 11.6.1; BIG-IP AFM Version 12.0.0, version 11.5.0 to version 11.6.1; BIG-IP Analytics version 12.0.0, version 11.5.0 to version 11.6.1; BIG-IP APM version 12.0.0, version 11.5.0 to 11.6. 1 version; BIG-IP ASM version 12.0.0, 11.5.0 through 11.6.1; BIG-IP DNS version 12.0.0; BIG-IP GTM version 11.5.0 through 11.6.1; BIG-IP Link Controller Version 12.0.0, version 11.5.0 to version 11.6.1; BIG-IP PEM version 12.0.0, version 11.5.0 to version 11.6.1; BIG-IP WebSafe version 12.0.0, version 11.5.0 to 11.6. 1 version
VAR-201802-0165 CVE-2017-5786 HPE OfficeConnect Network switch access control vulnerability CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14. HPOfficeConnect 1820 is a switch product of Hewlett-Packard (HP). A local security bypass vulnerability exists in HPOfficeConnectNetworkSwitches. An attacker could exploit this vulnerability to bypass certain security restrictions and perform unauthorized operations. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05388948 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05388948 Version: 1 HPESBHF03704 rev.1 - HPE OfficeConnect Network Switches, Local Unauthorized Data Modification NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. - HPE OfficeConnect 1820 8G Switch J9979A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 - HPE OfficeConnect 1820 24G PoE+ (185W) Switch J9983A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 - HPE OfficeConnect 1820 24G Switch J9980A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 - HPE OfficeConnect 1820 48G PoE+ (370W) Switch J9984A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 - HPE OfficeConnect 1820 48G Switch J9981A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 - HPE OfficeConnect 1820 8G PoE+ (65W) Switch J9982A - all software versions prior to PT.02.01 including: PT.01.03 through PT.02.01 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2017-5786 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 The Hewlett-Packard Enterprise Company thanks Pekka Jrvinen (raspi) for reporting this vulnerability to security-alert@hpe.com RESOLUTION HPE has made the following software update available to resolve the vulnerability in the impacted versions of HPE OfficeConnect Network Switch. Please install version PT.02.01 from the following location: <http://www.hpe.com/networking/support> HISTORY Version:1 (rev.1) - 10 February 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYnjhQAAoJELXhAxt7SZai9rEH/0Dkt5wBcTqXFqVJ1Rj5wjiP fr2BnjYMt7YO47zxQMMGMePhz081YKVaGdK3zmXc/Hlvi3fOlnikyPJF/Kse9QV+ wuv22Caym6PAHD5le64h6Uv8dm8XxSkZS2t0wuFYM4gAqfWWtjeYzOCww7tSyxpQ Yq0190z/TooQduFNy/dV6oy0ACuOUKHJv8EWDP6HH2EQHBrqSgfoQEYuG05A6nLs XE/odmUrM4D3gHTlP0Te1l3+ESaMwPl3zBaG/nlUsuc5yDTDzvolJt9bcLvq3NCw gp7y56TKIdgIhwWD1gxoqBnOwDcEsDH7+mo9utSNMJHn0fiA7Onnnf3P/KIKE3U= =CJ6j -----END PGP SIGNATURE-----
VAR-201702-1105 No CVE TP-Link C2 and C20i Command Injection Vulnerabilities CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
TP-Link is a Chinese network equipment manufacturer such as routers and IOT equipment. There is a command injection vulnerability in the http management interface of TP-LinkC2 and C20i. An attacker could exploit this vulnerability to inject arbitrary shell commands and gain root privileges.