VARIoT IoT vulnerabilities database
| VAR-201803-2109 | CVE-2018-6810 | Citrix NetScaler ADC and NetScaler Gateway Path traversal vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. Citrix NetScaler ADC and NetScaler Gateway contain a path traversal vulnerability. Information may be obtained. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0
| VAR-201803-2206 | CVE-2018-7511 | Eaton ELCSoft Arbitrary code execution vulnerability |
CVSS V2: 6.8 CVSS V3: 5.3 Severity: MEDIUM |
In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code. Eaton ELCSoft contains buffer error vulnerabilities and input validation vulnerabilities. Information may be obtained or altered, and service operation may be disrupted (DoS). Eaton ELCSoft is programmable logic control software that runs on a PC to help configure the ELC controller. There are arbitrary code execution vulnerabilities in Eaton ELCSoft 2.04.02 and earlier. Eaton ELCSoft Programming Software is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Failed exploits will result in a denial-of-service condition.
Eaton ELCSoft Versions 2.04.02 and prior are vulnerable
| VAR-201803-1846 | CVE-2018-7239 | Schneider Electric SoMove software and DTM software DLL Hijacking vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. Schneider Electric SoMove Software and the DTM software components contain an untrusted search path vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). SoMove software is a practical setup and FM software for users of Schneider inverters. The Altivar Dtm Library is a free library that supports a wide range of DTM devices. Multiple Schneider Electric products are prone to a local arbitrary code-execution vulnerability because they fail to sanitize user-supplied input.
A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.
The following products are affected:
SoMove software versions prior to 2.6.2
ATV320 DTM versions prior to 1.1.6
ATV340 DTM versions prior to 1.2.3
ATV6xx DTM versions prior to 1.8.0
ATV9xx DTM versions prior to 1.3.5
AltivarDtmLibrary versions prior to 12.7.0
These are all products of Schneider Electric of France. ATV320 DTM is a device type manager
| VAR-201803-2090 | CVE-2018-5461 | Cryptographic strength vulnerability in multiple Belden Hirschmann products |
CVSS V2: 5.8 CVSS V3: 6.5 Severity: MEDIUM |
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Multiple Belden Hirschmann products contain a vulnerability related to cryptographic strength. Information may be obtained and information may be altered. Belden Hirschmann RS and the others are switch products of the Belden company in the United States. There are security holes in the web interface in several Belden Hirschmann switch products.
1. Session Hijacking Vulnerability
2. An information-disclosure vulnerability
3. A security-bypass vulnerability
4. A security weakness vulnerability
5. Successfully exploiting this issue may lead to further attacks
| VAR-201803-2086 | CVE-2018-5465 | Session fixation vulnerability in multiple Belden Hirschmann products |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions. Multiple Belden Hirschmann products contain a session fixation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Belden Hirschmann RS and the others are switch products of the Belden company in the United States. Multiple Belden products are prone to the following security vulnerabilities.
1. An information-disclosure vulnerability
3. A security-bypass vulnerability
4. A security weakness vulnerability
5. An authentication-bypass vulnerability
An attacker can exploit this issue to bypass the authentication, obtain sensitive information and gain unauthorized access using brute-force attacks. Successfully exploiting this issue may lead to further attacks
| VAR-201803-1807 | CVE-2018-5471 | Information disclosure vulnerability in multiple Belden Hirschmann products |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A cleartext transmission of sensitive information vulnerability in the web interface has been identified, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. Multiple Belden Hirschmann products contain an information disclosure vulnerability. Information may be obtained. Belden Hirschmann RS and the others are switch products of the Belden company in the United States. Multiple Belden products are prone to the following security vulnerabilities.
1. Session Hijacking Vulnerability
2. An information-disclosure vulnerability
3. A security-bypass vulnerability
4. A security weakness vulnerability
5. Successfully exploiting this issue may lead to further attacks
| VAR-201803-2088 | CVE-2018-5467 | Information disclosure vulnerabilities in multiple Belden Hirschmann products |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user. Multiple Belden Hirschmann products contain an information disclosure vulnerability and an access control vulnerability. Information may be obtained and information may be falsified. Belden Hirschmann RS and the others are switch products of the Belden company in the United States. There are security holes in the web interface in several Belden Hirschmann switch products. An attacker can exploit this vulnerability to spoof legitimate users.
1. Session Hijacking Vulnerability
2. An information-disclosure vulnerability
3. A security-bypass vulnerability
4. A security weakness vulnerability
5. An authentication-bypass vulnerability
An attacker can exploit this issue to bypass the authentication, obtain sensitive information and gain unauthorized access using brute-force attacks. Successfully exploiting this issue may lead to further attacks
| VAR-201803-1818 | CVE-2018-5469 | Vulnerabilities related to security functions in multiple Belden Hirschmann products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified, which may allow an attacker to brute force authentication. Multiple Belden Hirschmann products contain a security feature vulnerability. Information may be obtained or falsified, and a denial of service (DoS) may result. Belden Hirschmann RS and the others are switch products of the Belden company in the United States. A security vulnerability exists in the web interface in several Belden Hirschmann switch products because the program fails to properly limit the number of authentication requests. Multiple Belden products are prone to the following security vulnerabilities.
1. Session Hijacking Vulnerability
2. An information-disclosure vulnerability
3. A security-bypass vulnerability
4. A security weakness vulnerability
5. Successfully exploiting this issue may lead to further attacks
| VAR-201803-1362 | CVE-2017-6296 | NVIDIA TrustZone Software Race condition vulnerability |
CVSS V2: 4.4 CVSS V3: 7.0 Severity: HIGH |
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate. NVIDIA SHIELD TV is a game console device from NVIDIA. TrustZone Software is one of its system-wide security software components. The DRM application is one of its digital rights management applications. There are security vulnerabilities in the DRM application of TrustZone Software in NVIDIA SHIELD TV SE 6.2 and earlier. An attacker could exploit the vulnerability to cause a denial of service or possibly escalate privileges
| VAR-201803-1361 | CVE-2017-6295 | NVIDIA TrustZone Software Vulnerable to out-of-bounds reading |
CVSS V2: 3.6 CVSS V3: 8.4 Severity: HIGH |
NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high. NVIDIA TrustZone Software contains an out-of-bounds read vulnerability. Information may be obtained and service operation may be interrupted (DoS). NVIDIA SHIELD TV is a game console device from NVIDIA. TrustZone Software is one of its system-wide security software components. A security vulnerability exists in the Keymaster implementation of TrustZone Software in NVIDIA SHIELD TV SE 6.2 and earlier. An attacker could exploit the vulnerability to cause a denial of service or to obtain information (through an out-of-bounds read)
| VAR-201803-1354 | CVE-2017-6282 | NVIDIA Tegra Vulnerability related to the condition that an arbitrary value can be written to an arbitrary location in the kernel driver |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high. NVIDIA SHIELD TV is a game console device from NVIDIA. The Tegra kernel driver is one of the Tegra processor kernel drivers. NVMAP is one of its components. NVMAP of the Tegra kernel driver in NVIDIA SHIELD TV SE 6.2 and earlier has a security vulnerability
| VAR-201803-1355 | CVE-2017-6283 | NVIDIA Security Engine Vulnerable to information disclosure |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high. NVIDIA SHIELD TV is a game console device from NVIDIA. Security Engine is one of its security engines. An attacker could exploit the vulnerability to obtain information
| VAR-201803-1769 | CVE-2018-6530 | OS command injection vulnerability in multiple D-Link products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. Multiple D-Link products contain an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DIR-880L and the others are all wireless router products of D-Link. An operating system command injection vulnerability exists in the soap.cgi file in several D-Link products. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands with the help of the 'service' parameter. The following products and versions are affected: DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and earlier; DIR-868L DIR868LA1_FW112b04 and earlier; DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L and earlier DIR410b_
| VAR-201803-1768 | CVE-2018-6529 | Cross-site scripting vulnerability in multiple D-Link products |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
XSS vulnerability in htdocs/webinc/js/bsc_sms_inbox.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L and the others are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/js/bsc_sms_inbox.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier
| VAR-201803-1766 | CVE-2018-6527 | Cross-site scripting vulnerability in multiple D-Link products |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
XSS vulnerability in htdocs/webinc/js/adv_parent_ctrl_map.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted deviceid parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L, DIR-865L and DIR-860L are all D-Link wireless router products. A cross-site scripting vulnerability exists in the htdocs/webinc/js/adv_parent_ctrl_map.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier
| VAR-201803-1767 | CVE-2018-6528 | Cross-site scripting vulnerability in multiple D-Link products |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
XSS vulnerability in htdocs/webinc/body/bsc_sms_send.php in D-Link DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to read a cookie via a crafted receiver parameter to soap.cgi. D-Link DIR-868L, DIR-865L, and DIR-860L contain a cross-site scripting vulnerability. Information may be obtained and information may be altered. D-Link DIR-868L and the others are all wireless router products of D-Link. A cross-site scripting vulnerability exists in the htdocs/webinc/body/bsc_sms_send.php file in D-Link DIR-868L, DIR-865L, and DIR-860L. The following products and versions are affected: D-Link DIR-868L DIR868LA1_FW112b04 and earlier; DIR-865L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and earlier; DIR-860L DIR860LA1_FW110b04 and earlier
| VAR-201803-1356 | CVE-2017-6284 | NVIDIA Security Engine Vulnerable to information disclosure |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure. This issue is rated as moderate. NVIDIA Security Engine contains information disclosure vulnerabilities and cryptographic strength vulnerabilities. Information may be obtained. NVIDIA SHIELD TV is a game console device from NVIDIA. Security Engine is one of its security engines. The Deterministic Random Bit Generator (DRBG) is one of its deterministic random bit generators. A security vulnerability exists in Security Engine's DRBG in NVIDIA SHIELD TV SE 6.2 and earlier. An attacker could exploit this vulnerability to obtain sensitive information
| VAR-201803-2108 | CVE-2018-6809 | Citrix NetScaler ADC and NetScaler Gateway Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system. Citrix NetScaler ADC and NetScaler Gateway contain vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly known as Citrix Access Gateway Enterprise Edition) are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. Security vulnerabilities exist in Citrix NetScaler ADC and NetScaler Gateway. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0
| VAR-201803-0124 | CVE-2017-14191 | Fortinet FortiWeb Access control vulnerability |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode" allows an attacker to bypass the signed user cookie protection by removing FortiWeb's own protection session cookie. Fortinet FortiWeb contains an access control vulnerability. Information may be tampered with. Fortinet FortiWeb is prone to an access-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
FortiWeb 5.6.0 and prior are vulnerable; other versions may also be affected. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content. An access control error vulnerability exists in Fortinet FortiWeb 5.6.0 and earlier versions
| VAR-201803-2290 | CVE-2018-7698 | D-Link mydlink+ Vulnerabilities in certificate and password management |
CVSS V2: 4.3 CVSS V3: 8.1 Severity: HIGH |
An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. The mydlink+ app sends the username and password for connected D-Link cameras (such as DCS-933L and DCS-934L) unencrypted from the app to the camera, allowing attackers to obtain these credentials and gain control of the camera including the ability to view the camera's stream and make changes without the user's knowledge. D-Link mydlink+ contains a vulnerability related to certificate and password management. Information may be obtained or falsified, and a denial of service (DoS) may result. D-Link DCS-933L and DCS-934L are D-Link's network camera products. mydlink+ is an application for remote access to camera devices such as the DCS-933L and DCS-934L. A security vulnerability exists in the D-Link DCS-933L 1.05.04 release and the mydlink+ 3.8.5 build 259 release in the DCS-934L 1.05.04 release. The vulnerability is caused by the program not encrypting the username and password when they are sent from the application to the camera. An attacker could exploit the vulnerability to obtain credentials and control the camera.