VARIoT IoT vulnerabilities database


VAR-201803-2236 CVE-2018-7564 Polycom QDX 6000 Device cross-site scripting vulnerability
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Stored XSS exists on Polycom QDX 6000 devices. The Polycom QDX 6000 device contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. The Polycom QDX 6000 is a video conferencing terminal device from Polycom. A remote attacker could exploit this vulnerability to execute arbitrary JavaScript code in a user's web browser.
VAR-201803-1596 CVE-2018-0217 Cisco ASR 5000 Series Aggregation Services Routers StarOS Operating System CLI Command Injection Vulnerability
CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are supplied to certain configurations in the CLI of the affected operating system. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable CLI command for an affected system. A successful exploit could allow the attacker to insert and execute arbitrary commands in the CLI of the affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvg29441. The vendor has confirmed this vulnerability and released it as Bug ID CSCvg29441. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Cisco ASR 5000 Series Aggregation Services Routers are 5000 series secure router devices from Cisco. The StarOS operating system is a set of virtualized operating systems running on them. The CLI is one of the command line interfaces.
VAR-201803-1369 CVE-2018-0147 Cisco Secure Access Control System Input validation vulnerability
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988. The vendor has confirmed this vulnerability and released it as Bug ID CSCvh25988. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Cisco Secure Access Control System is a policy-based enterprise access and network device management control platform. A Java deserialization vulnerability exists in Cisco Secure Access Control System. Failed exploits will result in denial-of-service conditions.
VAR-201803-1599 CVE-2018-0220 Cisco Videoscape AnyRes Live Vulnerable to cross-site scripting
CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvg87525. Cisco Videoscape AnyRes Live contains a cross-site scripting vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCvg87525. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco Videoscape AnyRes Live is a multi-format video encoder released by Cisco.
VAR-201803-1587 CVE-2018-0208 Cisco Registered Envelope Service Vulnerable to cross-site scripting
CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
A vulnerability in the web-based management interface of the (cloud based) Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information. Cisco Bug IDs: CSCvg74126. The vendor has confirmed this vulnerability and released it as Bug ID CSCvg74126. Information may be obtained and information may be altered. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. The product includes read receipts for mail, mail recycling, mail forwarding and replying, and smartphone support.
VAR-201803-0203 CVE-2017-17325 Huawei video applications HiCinema Permissions vulnerability
CVSS V2: 4.3
CVSS V3: 3.7
Severity: LOW
Huawei video applications HiCinema with software of 8.0.3.308; 8.0.4.300 have a permission control vulnerability. Due to improper verification of a specific interface, an attacker who is on the same network as the user can obtain some information through a man-in-the-middle attack. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. The vulnerability is caused by the incorrect execution of the program verification.
VAR-201803-2100 CVE-2018-6808 Citrix NetScaler ADC and NetScaler Gateway Vulnerable to information disclosure
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Citrix NetScaler ADC and NetScaler Gateway contain an information disclosure vulnerability. Information may be obtained. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0.
VAR-201803-2110 CVE-2018-6811 Citrix NetScaler ADC and NetScaler Gateway Vulnerable to cross-site scripting
CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface. Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly known as Citrix Access Gateway Enterprise Edition) are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0.
VAR-201803-2109 CVE-2018-6810 Citrix NetScaler ADC and NetScaler Gateway Path traversal vulnerability
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. Citrix NetScaler ADC and NetScaler Gateway contain a path traversal vulnerability. Information may be obtained. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0.
VAR-201803-2206 CVE-2018-7511 Eaton ELCSoft Arbitrary code execution vulnerability
CVSS V2: 6.8
CVSS V3: 5.3
Severity: MEDIUM
In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code. Eaton ELCSoft contains buffer error vulnerabilities and input validation vulnerabilities. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Eaton ELCSoft is a programmable logic control software that runs on a PC to help configure the ELC controller. There are arbitrary code execution vulnerabilities in Eaton ELCSoft 2.04.02 and earlier. Eaton ELCSoft Programming Software is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Failed exploits will result in a denial-of-service condition. Eaton ELCSoft versions 2.04.02 and prior are vulnerable.
VAR-201803-1846 CVE-2018-7239 Schneider Electric SoMove software and DTM software DLL Hijacking vulnerability
CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. Schneider Electric SoMove Software and DTM software components contain an unreliable search path vulnerability. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. SoMove software is a practical setup and FM software for users of Schneider inverters. The Altivar Dtm Library is a free library that supports a wide range of DTM devices. Multiple Schneider Electric products are prone to a local arbitrary code-execution vulnerability because they fail to sanitize user-supplied input. A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. The following products are affected: SoMove software versions prior to 2.6.2; ATV320 DTM versions prior to 1.1.6; ATV340 DTM versions prior to 1.2.3; ATV6xx DTM versions prior to 1.8.0; ATV9xx DTM versions prior to 1.3.5; Altivar Dtm Library versions prior to 12.7.0. These are all products of the French company Schneider Electric. ATV320 DTM is a device type manager.
VAR-201803-2090 CVE-2018-5461 Vulnerability related to cryptographic strength in multiple Belden Hirschmann products
CVSS V2: 5.8
CVSS V3: 6.5
Severity: MEDIUM
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Multiple Belden Hirschmann products contain a vulnerability related to cryptographic strength. Information may be obtained and information may be altered. Belden Hirschmann RS and others are switch products of the Belden company in the United States. There are security holes in the web interface in several Belden Hirschmann switch products. 1. Session Hijacking Vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability 4. A security weakness vulnerability 5. Successfully exploiting this issue may lead to further attacks.
VAR-201803-2086 CVE-2018-5465 Session fixation vulnerability in multiple Belden Hirschmann products
CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. Multiple Belden Hirschmann products contain a session fixation vulnerability. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Belden Hirschmann RS and others are switch products of the Belden company in the United States. Multiple Belden products are prone to the following security vulnerabilities. 1. An information-disclosure vulnerability 3. A security-bypass vulnerability 4. A security weakness vulnerability 5. An authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication, obtain sensitive information and gain unauthorized access using brute-force attacks. Successfully exploiting this issue may lead to further attacks.
VAR-201803-1807 CVE-2018-5471 Information disclosure vulnerability in multiple Belden Hirschmann products
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Multiple Belden Hirschmann products contain an information disclosure vulnerability. Information may be obtained. Belden Hirschmann RS and others are switch products of the Belden company in the United States. Multiple Belden products are prone to the following security vulnerabilities. 1. Session Hijacking Vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability 4. A security weakness vulnerability 5. Successfully exploiting this issue may lead to further attacks.
VAR-201803-2088 CVE-2018-5467 Information disclosure vulnerabilities in multiple Belden Hirschmann products
CVSS V2: 6.4
CVSS V3: 6.5
Severity: MEDIUM
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user. Multiple Belden Hirschmann products contain an information disclosure vulnerability and an access control vulnerability. Information may be obtained and information may be falsified. Belden Hirschmann RS and others are switch products of the Belden company in the United States. There are security holes in the web interface in several Belden Hirschmann switch products. An attacker can exploit this vulnerability to spoof legitimate users. 1. Session Hijacking Vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability 4. A security weakness vulnerability 5. An authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication, obtain sensitive information and gain unauthorized access using brute-force attacks. Successfully exploiting this issue may lead to further attacks.
VAR-201803-1818 CVE-2018-5469 Vulnerabilities related to security functions in multiple Belden Hirschmann products
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. Multiple Belden Hirschmann products contain a security feature vulnerability. Information may be acquired, information may be falsified, and the service may be put into a denial-of-service (DoS) state. Belden Hirschmann RS and others are switch products of the Belden company in the United States. A security vulnerability exists in the web interface in several Belden Hirschmann switch products because the program fails to properly limit the number of authentication requests. Multiple Belden products are prone to the following security vulnerabilities. 1. Session Hijacking Vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability 4. A security weakness vulnerability 5. Successfully exploiting this issue may lead to further attacks.
VAR-201803-1362 CVE-2017-6296 NVIDIA TrustZone Software Race condition vulnerability
CVSS V2: 4.4
CVSS V3: 7.0
Severity: HIGH
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to denial of service or possible escalation of privileges. This issue is rated as moderate. NVIDIA SHIELD TV is a game console device from NVIDIA. TrustZone Software is one of its system-wide security software components. The DRM application is one of its digital rights management applications. There are security vulnerabilities in the DRM application of TrustZone Software in NVIDIA SHIELD TV SE 6.2 and earlier. An attacker could exploit the vulnerability to cause a denial of service or possibly escalate privileges.
VAR-201803-1361 CVE-2017-6295 NVIDIA TrustZone Software Vulnerable to out-of-bounds reading
CVSS V2: 3.6
CVSS V3: 8.4
Severity: HIGH
NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high. NVIDIA TrustZone Software contains an out-of-bounds vulnerability. Information may be obtained and the service may be put into a denial-of-service (DoS) state. NVIDIA SHIELD TV is a game console device from NVIDIA. TrustZone Software is one of its system-wide security software components. A security vulnerability exists in the Keymaster implementation of TrustZone Software in NVIDIA SHIELD TV SE 6.2 and earlier. An attacker could exploit the vulnerability to cause a denial of service or to obtain information (through an out-of-bounds read).
VAR-201803-1354 CVE-2017-6282 NVIDIA Tegra Vulnerability related to the condition that an arbitrary value can be written to an arbitrary location in the kernel driver
CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high. NVIDIA SHIELD TV is a game console device from NVIDIA. The Tegra kernel driver is one of the Tegra processor kernel drivers. NVMAP is one of its components. NVMAP of the Tegra kernel driver in NVIDIA SHIELD TV SE 6.2 and earlier has a security vulnerability.
VAR-201803-1355 CVE-2017-6283 NVIDIA Security Engine Vulnerable to information disclosure
CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high. NVIDIA SHIELD TV is a game console device from NVIDIA. Security Engine is one of its security engines. An attacker could exploit the vulnerability to obtain information.