VARIoT IoT vulnerabilities database
| VAR-201807-0310 | CVE-2018-0025 | Vulnerabilities related to certificate and password management in Juniper Networks SRX Series devices |
CVSS V2: 4.3 CVSS V3: 8.1 Severity: HIGH |
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series. Juniper Networks SRX Series devices contain vulnerabilities related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). Juniper Junos Space is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information and perform unauthorized actions. Successful exploits will lead to other attacks. Junos OS is the operating system that runs on these devices. A security vulnerability exists in Junos OS on Juniper SRX Series.
| VAR-201807-0309 | CVE-2018-0024 | Juniper Networks Junos OS Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 versions prior to 15.1X49-D20 on SRX Series. Juniper Networks Junos OS contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Juniper Junos is prone to a local privilege-escalation vulnerability.
Local attackers could exploit this issue to run arbitrary commands with root privileges. Juniper Junos OS is a network operating system from Juniper Networks dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. An attacker could exploit this vulnerability to take complete control of the system.
| VAR-201807-0322 | CVE-2018-0040 | Juniper Networks Contrail Service Orchestration Vulnerabilities related to the use of hard-coded credentials |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network-based attackers to gain unauthorized access to services. Juniper Contrail Service Orchestration (CSO) is a set of products from Juniper Networks for designing and deploying network services in the cloud CPE centralized deployment model. A security vulnerability exists in Juniper CSO prior to 4.0.0 due to the use of hard-coded certificates and keys. An attacker could exploit this vulnerability to gain unauthorized access.
| VAR-201807-2197 | CVE-2018-5553 | OS command injection vulnerability in multiple Crestron device firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower is vulnerable to command injection that can be used to gain root-level access. DGE-100, DM-DGE-200-C, and TS-1542-C device firmware contains an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PING command of the CTP console. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker could leverage this vulnerability to execute code with root privileges. Crestron Electronics DGE-100, DM-DGE-200-C and TS-1542-C devices are all digital graphics engine products of Crestron Electronics in the United States.
| VAR-201807-2080 | CVE-2018-8171 | ASP.NET Vulnerabilities bypassing security functions |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2. Microsoft ASP.NET is a cross-platform open source framework of Microsoft Corporation. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. Attackers can use this vulnerability to make unlimited login requests.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks.
| VAR-201807-1593 | CVE-2018-2427 | SAP BusinessObjects Business Intelligence Suite and Crystal Reports Code injection vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application. SAP BusinessObjects Business Intelligence Suite is prone to a remote code-execution vulnerability.
Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application.
| VAR-201807-2074 | CVE-2018-7957 | Huawei Victoria-AL00 Information Disclosure Vulnerability |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application that holds the phone-state authorization to additionally obtain the user's location. Huawei smartphone software contains an authorization vulnerability. Information may be obtained. Huawei Victoria-AL00 is a smartphone from China's Huawei. The vulnerability stems from the fact that a certain interface of the mobile phone does not verify authorization correctly.
| VAR-201807-1694 | CVE-2018-3628 | Intel Active Management Technology Buffer error vulnerability |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. Intel Active Management Technology contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security Manageability Engine is a security management engine used by Intel in CPUs (central processing units). Active Management Technology (AMT) is one of the active management components. A buffer overflow vulnerability exists in the AMT HTTP handler in Intel Converged Security Manageability Engine. An attacker could exploit the vulnerability to execute arbitrary code by constructing a malicious HTTP request. The following firmware versions are affected: Firmware Version 3.x, Version 4.x, Version 5.x, Version 6.x, Version 7.x, Version 8.x, Version 9.x, Version 10.x, Version 11.x.
| VAR-201807-1696 | CVE-2018-3632 | Intel Active Management Technology Buffer error vulnerability |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. Intel Active Management Technology contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Converged Security Manageability Engine is a security management engine used by Intel in CPUs (central processing units). Active Management Technology (AMT) is one of the active management components. A privilege elevation vulnerability exists in AMT in Intel Converged Security Manageability Engine. An attacker could exploit the vulnerability to gain elevated privileges by building malicious code. The following firmware versions are affected: Firmware Version 6.x, Version 7.x, Version 8.x, Version 9.x, Version 10.x, Version 11.0, Version 11.5, Version 11.6, Version 11.7, Version 11.10, Version 11.20.
| VAR-201807-1695 | CVE-2018-3629 | Intel Active Management Technology Buffer error vulnerability |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. Intel Active Management Technology contains a buffer error vulnerability. Service operation may be disrupted (DoS). Intel Converged Security Manageability Engine is a security management engine used in CPUs (central processing units) by Intel Corporation. Active Management Technology (AMT) is one of the active management components. An attacker can exploit this vulnerability by constructing malicious code to cause a denial of service. The following firmware versions are affected: Firmware Version 3.x, Version 4.x, Version 5.x, Version 6.x, Version 7.x, Version 8.x, Version 9.x, Version 10.x, Version 11.x.
| VAR-201807-1693 | CVE-2018-3627 | Intel Converged Security Management Engine Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 4.6 CVSS V3: 8.2 Severity: HIGH |
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. Intel Converged Security Management Engine is a security management engine used by Intel in CPUs (central processing units). A security vulnerability exists in the Intel Converged Security Management Engine 11.x release.
| VAR-201807-0330 | CVE-2018-10633 | Universal Robots Robot Controllers Hardcoded Certificate Vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller. Universal Robots Robot Controllers contains a vulnerability in the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). Universal Robots Robot Controllers is a collaborative robot controller product from Denmark's Universal Robots. A security vulnerability exists in Universal Robots Robot Controllers CB 3.1 and SW 3.4.5-100, which was caused by the program using hard-coded credentials. An attacker could use this vulnerability to reset the password for the controller. Robot Controllers is prone to a remote code-execution vulnerability and a security-bypass vulnerability.
An attacker can exploit these issues to execute arbitrary code in the context of the affected device and to bypass security restrictions and perform unauthorized actions. This may aid in further attacks.
| VAR-201807-1640 | CVE-2018-3682 | BMC Firmware vulnerabilities related to authorization, authority, and access control |
CVSS V2: 4.6 CVSS V3: 8.2 Severity: HIGH |
BMC Firmware in Intel server boards, compute modules, and systems potentially allows an attacker with administrative privileges to make unauthorized reads/writes to the SMBUS. BMC Firmware contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Server Board, Compute Module, and Server System are products of Intel Corporation of the United States. Intel Server Board is a server motherboard. Compute Module is a computing module. Server System is a server array card. A security vulnerability exists in the BMC firmware in Intel Server Board, Intel Compute Module, and Intel Server System. An attacker could exploit this vulnerability to perform write and read operations on SMBUS.
| VAR-201807-2276 | No CVE | Deserialization vulnerability in TP-Link EAP Controller for Linux |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
TP-Link EAP Controller is software from China's TP-LINK used to remotely control wireless AP (access point) equipment.
TP-Link EAP Controller for Linux has a deserialization vulnerability. Remote attackers can carry out deserialization attacks through the RMI protocol, and successful attacks can gain control of the target server.
| VAR-201807-2275 | No CVE | Dr.COM APG anti-proxy gateway has SQL injection vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Dr.COM APG Anti-Proxy Gateway is a network behavior analysis and management gateway device designed and developed by Guangzhou Hotspot specifically for broadband shared access management. It mainly provides wired and wireless broadband operators with control and real-time monitoring of shared user access, to avoid potential risks and losses caused by shared-access behavior and to keep operators' network operations healthy, orderly and sustainable.
There is a SQL injection vulnerability in Dr.COM APG anti-proxy gateway. An attacker can use this vulnerability to obtain sensitive database information.
| VAR-201807-1586 | CVE-2018-2434 | Vulnerability related to input validation in multiple SAP products |
CVSS V2: 4.3 CVSS V3: 4.3 Severity: MEDIUM |
A content spoofing vulnerability in the following components allows HTML pages containing arbitrary plain text content to be rendered, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks. Multiple SAP products contain an input validation vulnerability. Information may be tampered with. SAP User Interface Technology is prone to an unspecified content-spoofing vulnerability.
Attackers can exploit this issue to manipulate and spoof content, which may aid in further attacks.
| VAR-201807-1846 | CVE-2018-7934 | Vulnerability related to input validation in Huawei mobile phones |
CVSS V2: 7.1 CVSS V3: 5.5 Severity: MEDIUM |
Some Huawei mobile phones with versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running in the foreground crash after the users make specific screen gestures. Huawei Mate 10 is a smartphone from China's Huawei. An attacker can entice a user to install a malicious application, causing the foreground application to crash after the user makes a specific screen gesture.
| VAR-201807-2069 | CVE-2018-7994 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Some Huawei products (IPS Module V500R001C50; NGFW Module V500R001C50, V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50) have a memory leak vulnerability. The software does not release allocated memory properly when processing Portal questionnaires. A remote attacker could send a lot of questionnaires to the device; a successful exploit could cause the device to reboot after running out of memory. Multiple Huawei products contain a buffer error vulnerability. Service operation may be disrupted (DoS). Huawei IPS Module and the other affected devices are products of China's Huawei. Huawei IPS Module is an IPS security device. NGFW Module is a firewall device. The NIP6300 and related models are next-generation intrusion prevention systems. Successful exploitation of this vulnerability can cause the system to run out of memory and then restart. The following products and versions are affected: Huawei IPS Module V500R001C50; NGFW Module V500R001C50, V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50.
| VAR-201807-0331 | CVE-2018-10635 | Universal Robots Robot Controllers Remote code execution vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained. Universal Robots Robot Controllers lacks authentication for critical functions. Information may be obtained or altered, and service operation may be disrupted (DoS). Universal Robots Robot Controllers is a collaborative robot controller product from Denmark's Universal Robots. A security vulnerability exists in Universal Robots Robot Controllers CB 3.1 and SW 3.4.5-100, which stems from TCP ports 3001 to 3003 listening for and executing arbitrary URScript code. This may aid in further attacks.
| VAR-201807-1677 | CVE-2018-3652 | Vulnerabilities related to authorization, authority, and access control in multiple Intel Xeon products |
CVSS V2: 4.6 CVSS V3: 7.6 Severity: HIGH |
Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allow a limited physical presence attacker to potentially access platform secrets via debug interfaces. Multiple Intel Xeon products contain vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Intel Xeon Scalable Processors and others are central processing unit (CPU) products of Intel Corporation of the United States. There are security vulnerabilities in the UEFI settings for DCI in several Intel products. An attacker can exploit the vulnerability to access sensitive information about the platform through the debug interface.