VARIoT IoT vulnerabilities database

Shenzhen Tongwei Digital Technology Co., Ltd. is an international provider of video security products and system solutions integrating R&D, production, sales and services. Shenzhen Tongwei Digital Technology Co., Ltd. InVid Tech has a weak password vulnerability, which attackers use to log in to the system backend and obtain sensitive information.

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1. Sangoma of Asterisk contains vulnerabilities related to improper implementation of authentication algorithms, vulnerabilities related to the use of operators, and vulnerabilities related to improper implementation of control flow.Information may be obtained

Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution. Dell Edge Gateway 5000 firmware, precision 5820 tower firmware, Dell Edge Gateway 3000 Unspecified vulnerabilities exist in multiple Dell products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

The Yakong Giant SCADA Monitoring Platform is a high-end industrial automation full-configuration monitoring software suitable for "all-trusted" industrial control systems. It supports the joint use of all mainstream trusted CPUs, operating systems, PLC devices, and databases. The Yakong Giant SCADA Monitoring Platform of Beijing Yakong Technology Development Co., Ltd. has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime. Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation of the United States

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This issue affects some unknown processing of the file /useratte/resmanage.php. The manipulation of the argument load leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264533 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. DAR-7000-40 is a network device suitable for government, finance, insurance, hotel, small and medium-sized enterprises, education and other fields. It provides professional traffic management capabilities, powerful content auditing, advanced Internet behavior management and efficient firewall and other practical functions. It can provide users with a visual network management experience by identifying and managing the network data flow application layer. Attackers can exploit this vulnerability to cause operating system command injection

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This vulnerability affects unknown code of the file /firewall/urlblist.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264532. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. This affects an unknown part of the file /url/url.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264531. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Affected by this issue is some unknown functionality of the file /useratte/resmanage.php. The manipulation of the argument file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-264530 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Affected by this vulnerability is an unknown functionality of the file /user/onlineuser.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264529 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264528. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link Systems, Inc. of dar-7000 Firmware has an unrestricted upload of dangerous file types vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DAR-7000-40 is an Internet behavior audit gateway of D-Link, a Chinese company. D-Link DAR-7000-40 has a command execution vulnerability, which is caused by the incorrect verification of the file extension by the interface/sysmanage/license authorization.php script. Attackers can use this vulnerability to upload malicious PHP scripts and execute arbitrary PHP code on the system

Quantum 140CPU65150PL is a Unity processor in the Schneider Electric series. It combines the standard functions of a PLC with the diagnostic functions of a network server and uses an RJ-45 connection for communication. Schneider Electric (China) Co., Ltd. Quantum 140CPU65150PL has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

EG3210 is a new generation of multi-service security gateway in the RG-EG3200 series. It is a comprehensive gateway device designed for small and medium-sized network egress. Ruijie Networks Co., Ltd. EG3210 has a command execution vulnerability, which can be exploited by attackers to execute commands.

Beijing Yakong Technology Development Co., Ltd. is a high-tech enterprise of industrial automation and information software platform established in 1997. Beijing Yakong Technology Development Co., Ltd. KingPortal development system has information leakage vulnerability, which can be exploited by attackers to obtain sensitive information.

A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests. fortinet's FortiSandbox Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests. fortinet's FortiVoice Exists in a user-controlled key authentication evasion vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected application contains a hidden configuration item to enable debug functionality. This could allow an authenticated local attacker to gain insight into the internal configuration of the deployment. SIMATIC RTLS Locating Manager is used to configure, operate, and maintain SIMATIC RTLS devices, which is a real-time wireless location system that provides location solutions

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process. Simcenter Nastran is a finite element method solver. Siemens Simcenter Nastran has a stack buffer overflow vulnerability

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group. SIMATIC RTLS Locating Manager is used to configure, operate, and maintain SIMATIC RTLS devices, which are real-time wireless location systems that provide location solutions

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time. SIMATIC RTLS Locating Manager is used to configure, operate, and maintain SIMATIC RTLS devices, which is a real-time wireless location system that provides location solutions