VARIoT IoT vulnerabilities database


VAR-202406-1058 CVE-2024-36783 Command injection vulnerability in TOTOLINK LR350 firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. The TOTOLINK LR350 firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK LR350 is a wireless router from China's TOTOLINK Electronics. No detailed vulnerability details are currently available.
VAR-202406-2211 CVE-2024-36729 Stack-based buffer overflow vulnerability in TRENDnet TEW-827DRU firmware CVSS V2: -
CVSS V3: 6.3
Severity: MEDIUM
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key. The TRENDnet TEW-827DRU firmware contains a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202406-1252 CVE-2024-36728 Stack-based buffer overflow vulnerability in TRENDnet TEW-827DRU firmware CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficiently long dns1 or dns 2 key.
VAR-202406-2711 CVE-2023-43555 Out-of-bounds read vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 8.2
Severity: HIGH
Information disclosure in Video while parsing an mp2 clip with an invalid section length. Multiple Qualcomm products, such as AQT1000 firmware, FastConnect 6200 firmware and FastConnect 6700 firmware, contain an out-of-bounds read vulnerability. Information may be obtained.
VAR-202406-2297 CVE-2023-43551 Authentication vulnerabilities in multiple Qualcomm products CVSS V2: -
CVSS V3: 9.1
Severity: CRITICAL
Cryptographic issue while performing attach with an LTE network: a rogue base station can skip the authentication phase and immediately send the Security Mode Command. Multiple Qualcomm products, such as 315 5G IoT modem firmware, 9205 LTE modem firmware and 9206 LTE modem firmware, contain vulnerabilities related to authentication. Information may be tampered with.
VAR-202406-2081 CVE-2024-20070 Vulnerabilities in the use of encryption algorithms in multiple MediaTek products CVSS V2: -
CVSS V3: 5.1
Severity: MEDIUM
In modem, there is a possible information disclosure due to the use of a risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when a weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469. MediaTek's NR15, NR16 and NR17 contain a vulnerability in the use of cryptographic algorithms. Information may be obtained, and a denial-of-service (DoS) condition may result.
VAR-202406-1703 CVE-2024-20069 Vulnerability in MediaTek's NR15 CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
In modem, there is a possible selection of a less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430. MediaTek's NR15 contains an unspecified vulnerability. Information may be obtained.
VAR-202406-2694 CVE-2024-20068 Out-of-bounds write vulnerability in MediaTek's NR16 and NR17 CVSS V2: -
CVSS V3: 5.9
Severity: MEDIUM
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479. MediaTek's NR16 and NR17 contain an out-of-bounds write vulnerability. A denial-of-service (DoS) condition may result.
VAR-202406-2276 CVE-2024-20067 Out-of-bounds write vulnerability in MediaTek's NR16 and NR17 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
In modem, there is a possible out-of-bounds write due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issue ID: MSV-1462. MediaTek's NR16 and NR17 contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202406-1535 CVE-2024-20066 Out-of-bounds write vulnerability in MediaTek's NR16 and NR17 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In modem, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477. MediaTek's NR16 and NR17 contain an out-of-bounds write vulnerability. A denial-of-service (DoS) condition may result.
VAR-202406-1374 No CVE Raisecom iSDC of Raisecom Technology Development Co., Ltd. has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Raisecom Technology Development Co., Ltd. is a provider of optical network products and system solutions. Raisecom iSDC of Raisecom Technology Development Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to obtain server permissions.
VAR-202405-1938 CVE-2024-5271 Type confusion vulnerability in Fuji Electric's Monitouch V-SFT CVSS V2: 7.2
CVSS V3: 7.8
Severity: High
Fuji Electric Monitouch V-SFT is vulnerable to an out-of-bounds write because of a type confusion, which could result in arbitrary code execution. Fuji Electric's Monitouch V-SFT contains a type confusion vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V9C files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Fuji Electric Monitouch V-SFT is a screen configuration software from Fuji Electric of Japan.
VAR-202405-3465 CVE-2024-35403 Stack-based buffer overflow vulnerability in TOTOLINK CP900L firmware CVSS V2: 3.3
CVSS V3: 2.7
Severity: LOW
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules. The TOTOLINK CP900L firmware contains a stack-based buffer overflow vulnerability. A denial-of-service (DoS) condition may result. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. The vulnerability is caused by the setIpPortFilterRules function failing to correctly verify the length of the input data in the desc parameter. Attackers can exploit this vulnerability to cause a denial of service.
VAR-202405-2315 CVE-2024-35401 Command injection vulnerability in TOTOLINK CP900L firmware CVSS V2: 4.6
CVSS V3: 5.9
Severity: MEDIUM
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. The TOTOLINK CP900L firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided.
VAR-202405-1919 CVE-2024-24946 Out-of-bounds write vulnerabilities in multiple AutomationDirect products CVSS V2: 8.5
CVSS V3: 8.2
Severity: HIGH
A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability. This CVE tracks the heap corruption that occurs at offset `0xb686c` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations. Multiple AutomationDirect products, including P3-550E firmware, P3-550 firmware and P3-530 firmware, contain a vulnerability related to out-of-bounds writes. Information may be tampered with, and a denial-of-service (DoS) condition may result. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc., USA.
VAR-202405-2022 CVE-2024-23315 Vulnerabilities in multiple AutomationDirect products CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger this vulnerability. Multiple AutomationDirect products, including P3-550E firmware, P3-550 firmware and P3-530 firmware, contain unspecified vulnerabilities. Information may be obtained. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc. of the United States.
VAR-202405-1997 CVE-2024-22187 Vulnerabilities in multiple AutomationDirect products CVSS V2: 9.4
CVSS V3: 9.1
Severity: CRITICAL
A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this vulnerability. Multiple AutomationDirect products, including P3-550E firmware, P3-550 firmware and P3-530 firmware, contain unspecified vulnerabilities. Information may be tampered with, and a denial-of-service (DoS) condition may result. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc. of the United States.
VAR-202405-2515 CVE-2024-35400 Classic buffer overflow vulnerability in TOTOLINK CP900L firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules. The TOTOLINK CP900L firmware has a classic buffer overflow vulnerability. A denial-of-service (DoS) condition may result. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L has a stack buffer overflow vulnerability. The vulnerability is caused by the SetPortForwardRules function failing to correctly verify the length of the input data in the desc parameter. Attackers can exploit this vulnerability to cause a denial of service.
VAR-202405-3276 CVE-2024-35399 Stack-based buffer overflow vulnerability in TOTOLINK CP900L firmware CVSS V2: 10.0
CVSS V3: 8.8
Severity: HIGH
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth. The TOTOLINK CP900L firmware contains a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. There is a buffer overflow vulnerability in the TOTOLINK CP900L v4.1.5cu.798_B20221228 version. The vulnerability is caused by the loginAuth function failing to correctly verify the length of the input data in the password parameter. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202405-3829 CVE-2024-35398 Classic buffer overflow vulnerability in TOTOLINK CP900L firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. The TOTOLINK CP900L firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L v4.1.5cu.798_B20221228 has a stack overflow vulnerability. The vulnerability is caused by the function setMacFilterRules failing to correctly verify the length of the input data in the desc parameter. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.