VARIoT IoT vulnerabilities database

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). Multiple Intel Products are prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. Intel MKKBLY35.86A is a firmware used in Intel NUC products by Intel Corporation of the United States. An input validation error vulnerability exists in several Intel products due to the program's inadequate implementation of input validation. The following products and versions are affected: Intel MKKBLY35.86A; MKKBLi5v.86A; GKAPLCPX.86A; DNKBLi7v.86A; DNKBLi5v.86A; DNKBLi30.86A; 86A; MYBDWi5v.86A; MYBDWi30.86A; TYBYT10H.86A; FYBYT10H.86A; CCSKLm5v.86A;

A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. MikroTik Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MikroTik is a routing operating system based on Linux kernel developed by Latvian MikroTik Company. This system turns a PC computer into a professional router. A security vulnerability exists in MikroTik version 6.41.4

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php. B The device contains a cross-site scripting vulnerability.Information may be obtained or information may be altered. D-LinkDIR-815REV.B is a wireless router product from D-Link. A cross-site scripting vulnerability exists in D-LinkDIR-815REV.B with DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. A remote attacker could exploit the vulnerability to obtain authentication cookies by sending a 'Treturn' parameter to the /htdocs/webinc/js/bsc_sms_inbox.php file

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php. B The device contains a cross-site scripting vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. D-LinkDIR-815REV.B is a wireless router product from D-Link. A cross-site scripting vulnerability exists in D-LinkDIR-815REV.B with DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. A remote attacker could exploit the vulnerability to obtain authentication cookies by sending a \342\200\230RESULT\342\200\231 parameter to the /htdocs/webinc/js/info.php file

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request. B The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-815REV.B is a wireless router product from D-Link. A security vulnerability exists in the /htdocs/web/getcfg.php file in D-LinkDIR-815REV.B using DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. An attacker could exploit the vulnerability to bypass permissions and obtain information. B using DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and earlier firmware

Shenzhen Tongwei Digital Technology Co., Ltd. (TVT) is a world-class product and system solution provider for video security in R&D, production, sales and service. It provides users in more than 120 countries and regions around the world. Core competing video security products and solutions. 1) TVTDVR/NVR/IPC has hard-coded Web management interface credentials, remote command execution on Web management interface, Base64-based authentication stack overflow, hard-coded telnet credentials, TCP/4567 port information leakage and remote command execution vulnerability. An attacker can exploit the vulnerability to obtain hard-coded passwords; insert arbitrary commands into the POST XML data and execute them, combined with hard-coded Web management interface credentials vulnerabilities, can be executed without restrictions on remote commands; based on hard-coded credentials, can be downloaded from TCP/4567 port The configuration file of the remote system, which contains the name and password of the civilized name. By sending a specially crafted base64 encoded XML packet (containing a 32-byte binary header) to the TCP/4567 port, an unauthenticated remote command execution vulnerability can result.

RS485 Temperature and Humidity Recorder / Temperature and Humidity Controller This transmitter is widely used in communication rooms, warehouse buildings, and self-control places that require temperature and humidity monitoring. The input power, temperature measurement unit and signal output of the sensor are completely isolated. There is a loophole in the logic design of the Jianda Renke 485 device. An attacker can use the attacker to impersonate the 485 device and preemptively respond to the counterfeit data of the host's query command.

On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an associated PEM profile using the content insertion option. F5 BIG-IP PEM Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IP is an all-in-one network device that integrates network traffic management, application security management, load balancing and other functions. PEM is one of the policy execution managers. There is a security hole in F5BIG-IPPEM. An attacker could exploit the vulnerability to cause a denial of service (TrafficManagementMicrokernel crash). A security vulnerability exists in the F5 BIG-IP PEM. The following versions are affected: F5 BIG-IP PEM version 13.0.0, version 12.0.0 to version 12.1.3.1, version 11.6.0 to version 11.6.2, version 11.5.1 to version 11.5.5, version 11.2.1

An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels). MikroTik RouterOS Contains a certificate validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MikroTik RouterOS is a routing operating system based on Linux kernel developed by Latvian MikroTik Company. This system turns a PC computer into a professional router. There is a security vulnerability in MikroTik RouterOS 6.41.4 version, which is caused by the lack of verification of the OpenVPN server certificate in the program

On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU. F5 BIG-IP Contains a cryptographic vulnerability.Information may be obtained. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. An attacker could exploit the vulnerability to cause a denial of service (SSL disconnection). F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Version 13.0.0, Version 12.1.0 to Version 12.1.3.1, Version 11.6.1 to Version 11.6.2, Version 11.5.1 to Version 11.5.5; IG-IP AAM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; IG-IP AFM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; IG-IP Analytics 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6 .2 version, 11.5.1 to 11.5.5 version; IG-IP APM 13.0.0 version, 12.1.0 to 12.1.3.1 version, 11.6.1 to 11.6.2 version, 11.5.1 to 11.5 version. 5 version; IG-IP ASM version 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; IG-IP DNS 13.0.0 , 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; IG-IP Edge Gateway 13.0.0, 12.1.0 to 12.1.3.1 , 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; IG-IP GTM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses. plural F5 BIG-IP The product contains data processing vulnerabilities.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. F5 BIG-IP LTM, etc. are all products of F5 Company in the United States. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. Traffic Management Microkernel (TMM) is one of the service processes that performs traffic management. A security vulnerability exists in TMM in several F5 products. An attacker could exploit this vulnerability to cause the TMM to reboot or cause the BIG-IP system to fail over to a peer device. The following products and versions are affected: F5 BIG-IP LTM Versions 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AAM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Analytics 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5 .1 to 11.5.5, 11.2.1; BIG-IP APM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2. 1 version; BIG-IP ASM version 12.0.0 through 12.1.2, version 11.6.0 through version 11.6.1, version 11.5.1 through version 11.5.5, version 11.2.1; BIG-IP DNS version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Edge Gateway 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP GTM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5

On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. F5 BIG-IP Contains an access control vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. An attacker could exploit this vulnerability to increase privileges. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Release 13.1.0, Release 13.0.0; F5 BIG-IP AAM Release 13.1.0, Release 13.0.0; F5 BIG-IP AFM Release 13.1.0, Release 13.0.0 Versions; F5 BIG-IP Analytics Version 13.1.0, Version 13.0.0; F5 BIG-IP APM Version 13.1.0, Version 13.0.0; F5 BIG-IP ASM Version 13.1.0, Version 13.0.0; F5 BIG-IP APM Version 13.1.0, Version 13.0.0; IP DNS Version 13.1.0, Version 13.0.0; F5 BIG-IP Edge Gateway Version 13.1.0, Version 13.0.0; F5 BIG-IP GTM Version 13.1.0, Version 13.0.0; F5 BIG-IP Link Controller 13.1 .0 version, version 13.0.0; F5 BIG-IP PEM version 13.1.0, version 13.0.0; F5 BIG-IP WebAccelerator version 13.1.0, version 13.0.0; F5 BIG-IP WebSafe version 13.1.0, version 13.0 .0 version; F5 BIG-IP Enterprise Manager version 3.1.1

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credentials to negotiate the phase 1 of the IPSec exchange to exploit this vulnerability; in many environment this limits the attack surface to other endpoints under the same administration. plural F5 BIG-IP The product contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Versions 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AAM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Analytics 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5 .1 to 11.5.5, 11.2.1; BIG-IP APM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2. 1 release; BIG-IP ASM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP DNS 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Edge Gateway 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP GTM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to Version 11.5.5, Version 11.2.1; BIG-IP Link Controller 12

In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices. F5 BIG-IP Product Apache module Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. Both apache_auth_token_mod and mod_auth_f5_auth_token.cpp are modules in it. Apache_auth_token_mod is an anti-theft chain module. Mod_auth_f5_auth_token.cpp is an authentication module. There are security vulnerabilities in the apache_auth_token_mod and mod_auth_f5_auth_token.cppApache modules in several F5 products. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Release 13.0.0, Release 12.1.0 to Release 12.1.2, Release 11.6.1, Release 11.5.1 to Release 11.5.5, Release 11.2.1; BIG-IP AAM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 13.0.0, 12.1.0 to Version 12.1.2, Version 11.6.1, Version 11.5.1 through Version 11.5.5, Version 11.2.1; BIG-IP Analytics Version 13.0.0, Version 12.1.0 through Version 12.1.2, Version 11.6.1, Version 11.5 .1 to 11.5.5, 11.2.1; BIG-IP APM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2. 1 release; BIG-IP ASM release 13.0.0, release 12.1.0 to release 12.1.2, release 11.6.1, release 11.5.1 to release 11.5.5, release 11.2.1; BIG-IP DNS release 13.0.0 , version 12.1.0 to version 12.1.2, 11

On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure. plural F5 BIG-IP The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. An attacker could exploit the vulnerability by sending a malformed SPDY or HTTP/2 request to cause a denial of service. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Release 13.0.0, Release 12.0.0 to Release 12.1.3.1, Release 11.6.0 to Release 11.6.2, Release 11.4.1 to Release 11.5.5, Release 11.2.1 Versions; BIG-IP AAM Version 13.0.0, Version 12.0.0 to Version 12.1.3.1, Version 11.6.0 to Version 11.6.2, Version 11.4.1 to Version 11.5.5, Version 11.2.1; BIG-IP AFM Version 13.0.0, Version 12.0.0 to Version 12.1.3.1, Version 11.6.0 to Version 11.6.2, Version 11.4.1 to Version 11.5.5, Version 11.2.1; BIG-IP APM Version 13.0.0, Version 12.0 .0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP ASM 13.0.0, 12.0.0 to 12.1. Version 3.1, Version 11.6.0 to Version 11.6.2, Version 11.4.1 to Version 11.5.5, Version 11.2.1; BIG-IP Edge Gateway Version 13.0.0, Version 12.0.0 to Version 12.1.3.1, Version 11.6. 0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP Link Controller 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6. 2 versions, 11.4.1 to 11.5.5, 11.2.1; BIG-IP PEM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 Version to version 11.5.5, version 11.2.1; BIG-IP PSM 13.0

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers. F5BIG-IPAnalytics is a set of web application performance analysis software from F5. The software provides detailed analysis of performance metrics such as transactions per second, server latency, page load time, and response throughput. TrafficManagementMicrokernel (TMM) is one of the service processes that perform traffic management. There are security vulnerabilities in TMM in several F5 products. An attacker could exploit this vulnerability to cause the TrafficManagementMicrokernel to restart. The following products and versions are affected: F5 BIG-IP Analytics 11.5.4 HF4 through 11.5.5; BIG-IP LTM 11.5.4 HF4 through 11.5.5; BIG-IP AAM 11.5.4 HF4 through 11.5. 5 version; BIG-IP AFM version 11.5.4 HF4 to version 11.5.5; BIG-IP APM version 11.5.4 HF4 to version 11.5.5; BIG-IP ASM version 11.5.4 HF4 to version 11.5.5; IP DNS 11.5.4 HF4 to 11.5.5; BIG-IP Edge 11.5.4 HF4 to 11.5.5; BIG-IP Gateway 11.5.4 HF4 to 11.5.5; BIG-IP GTM Link Controller 11.5 .4 HF4 through 11.5.5; BIG-IP PEM 11.5.4 HF4 through 11.5.5; BIG-IP WebAccelerator 11.5.4 HF4 through 11.5.5; BIG-IP WebSafe 11.5.4 HF4 through Version 11.5.5

Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a Virtual Server. The control plane is not impacted by this vulnerability. plural F5 BIG-IP The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5BIG-IPLTM and other products are products of American F5 Company. F5BIG-IPLTM is a local traffic manager; BIG-IPAAM is an application acceleration manager. There are security vulnerabilities in several F5 products. An attacker could exploit the vulnerability to cause a denial of service. F5 BIG-IP LTM, etc. The following products and versions are affected: F5 BIG-IP LTM Release 13.0.0, Release 12.0.0 to Release 12.1.3.1, Release 11.6.1 to Release 11.6.2, Release 11.5.1 to Release 11.5.5; BIG-IP AAM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP AFM 13.0.0, 12.0.0 to Version 12.1.3.1, Version 11.6.1 to Version 11.6.2, Version 11.5.1 to Version 11.5.5; BIG-IP APM Version 13.0.0, Version 12.0.0 to Version 12.1.3.1, Version 11.6.1 to Version 11.6 .2, 11.5.1 to 11.5.5; BIG-IP ASM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5. 5; BIG-IP Link Controller 13.0.0, 12.0.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP PEM 13.0.0 Versions, 12.0.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP WebSafe 13.0.0, 12.0.0 to 12.1.3.1 , 11.6.1 to 11.6.2, 11.5.1 to 11.5.5

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie. plural Secutech Devices are vulnerable to insufficient validation of data reliability.Information may be tampered with. Secutech RiS-11, RiS-22 and RiS-33 are all wireless access point devices from Venezuela's Secutech. There are security vulnerabilities in Secutech RiS-11, RiS-22 and RiS-33 using 5.07.52_es_FRI01 firmware

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app. Apple iOS and macOS of Status Bar The component contains a vulnerability that allows access to the microphone.The microphone may be accessed through a crafted application. Apple macOS and iOS are prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers. An attacker could exploit this vulnerability to gain access to the microphone without the user's knowledge

Heideman Electric Co., Ltd. is a comprehensive high-tech enterprise integrating the development, production and sales of small household appliances such as doorbells and night lights. Heidman (Advent) offline sales doorbell series has a replay attack vulnerability. An attacker can use this vulnerability to replay the doorbell signal, which can cause the doorbell to respond without restriction and emit a ringtone.