VARIoT IoT vulnerabilities database

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have a DoS vulnerability. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable. plural Huawei The product contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The AR series, SRG series, and NetEngine16EX service routing gateways are Huawei's all-in-one integrated service gateways for small and medium-sized branches and small and medium-sized enterprises. Huawei SMC2.0 is a video service management platform. A denial of service vulnerability exists in several Huawei products because the device failed to properly handle malformed messages. Huawei AR120-S and others are all router products of China Huawei (Huawei). The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR150 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR150-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR160 V200R006C10 Version, V200R006C12 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR200 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R008C20 Version, V200R008C30 Version; AR200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR2200

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause out-of-bounds read and system crash. plural Huawei The product contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The AR series, SRG series, and NetEngine16EX service routing gateways are Huawei's all-in-one integrated service gateways for small and medium-sized branches and small and medium-sized enterprises. Huawei SMC2.0 is a video service management platform. A cross-border read vulnerability exists in several Huawei products due to the device's failure to fully verify user input. Huawei AR120-S and others are all router products of China Huawei (Huawei). There are security vulnerabilities in several Huawei products. The vulnerability is caused by the program's insufficient implementation of input validation. The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR150 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR150-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR160 V200R006C10 Version, V200R006C12 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR200 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R008C20 Version, V200R008C30 Version; AR200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR2200

A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name) field for the employee details page (/employee.html) that is then reflected in multiple pages where that field data is utilized, resulting in session hijacking and possible elevation of privileges. Icon Time Systems RTC-1000 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. IconTimeSystemsRTC-1000 is an electronic clock product from IconTimeSystems of the United States. A cross-site scripting vulnerability exists in IconTimeSystemsRTC-10002.5.7458 and earlier

On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a "ROBOT attack". plural F5 BIG-IP The product contains cryptographic vulnerabilities.Information may be obtained. Multiple F5 BIG-IP Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information, and perform unauthorized actions. Successful exploits will lead to other attacks. F5 BIG-IP is an all-in-one network device integrated with network traffic management, application security management, load balancing and other functions from F5 Corporation of the United States. Virtual server is one of the virtual servers. F5 BIG-IP versions 11.6.0-11.6.2, versions 12.0.0 to 12.1.2 HF1, and versions 13.0. to 13.0.0 HF2 have security vulnerabilities in virtual servers with Client SSL configuration files

A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import. Fortinet FortiWeb Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet Fortiweb is prone to an HTML-injection vulnerability because they fail to sanitize user-supplied input Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. Fortinet Fortiweb versions prior to 5.8.1 and 5.7.2 are vulnerable. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content. Fortinet Fortiweb versions prior to 5.8.1 and versions prior to 5.7.2 have a cross-site scripting vulnerability, which stems from the fact that the program does not properly sanitize user-submitted input

Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash. HuaweiBaggio-L03A is a Huawei smartphone. HuaweiBaggio-L03A has a denial of service vulnerability. The Huawei Baggio-L03A is a smart tablet device from the Chinese company Huawei

Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors. Robotic appliance COCOROBO provided by Sharp Corporation is a robot with cleaning function. Robotic appliance COCOROBO contains a vulnerability in session management (CWE-639). Kiyotaka ATSUMI of IoT Technology Laboratory, Cyber Grid Japan, LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker on the same LAN may impersonate a user to accessing product. As a result, there is a possibility that an arbitrary operation may be conducted or information may be altered/disclosed

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage. Huawei Smartphone software MTK The platform contains an information disclosure vulnerability.Information may be obtained. Huawei Enjoy 6 is a smartphone from China's Huawei company

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage. Huawei Smartphone software MTK The platform contains a buffer error vulnerability.Information may be obtained. Huawei Enjoy 6 is a smartphone from China's Huawei company

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter and cause to memory out-of-bound read. Huawei Smartphone software MTK The platform contains an out-of-bounds vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. Huawei Enjoy 6 is a smartphone from China's Huawei company. Huawei enjoys the memory out-of-bounds access vulnerability on the 6MTK platform

An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-38415808. References: N-CVE-2017-0866. NVIDIA Tegra X1 Contains vulnerabilities related to authorization, permissions, and access control. This vulnerability Android ID: A-38415808 and NVIDIA N-CVE-2017-0866 It is published asInformation is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GooglePixel is a smartphone device from Google Inc. in the United States. The NVIDIA TegraX1 is a processor chip used by NVIDIA. Directrenderinginfrastructur is one of the architectures for direct access to graphics hardware

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal. plural Huawei The product contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei DP300, RP200, RSE6500, TX50, VP9660, TE series and ViewPoint series are Huawei's integrated desktop telepresence products and high-definition video conferencing terminal products for high-end customers. A number of Huawei products have an out-of-bounds vulnerability because the device failed to adequately verify user input. Huawei DP300 and others are all products of China's Huawei (Huawei). DP300 is a video conferencing terminal. ViewPoint is a multi-point control unit of a video conference system. There are security vulnerabilities in several Huawei products. The following products and versions are affected: DP300 V500R002C00 Version; RP200 V500R002C00 Version, V600R006C00 Version; RSE6500 V500R002C00 Version; TE30 V100R001C02 Version, V100R001C10 Version, V500R002C00 Version, V600R006C00 Version; TE40 V500R002C00 Version, V600R006C00 Version; TE50 V500R002C00 Version, V600R006C00 Version; TE60 V100R001C01 Version, V100R001C10 Version, V500R002C00 Version, V600R006C00 Version; TX50 V500R002C00 Version, V600R006C00 Version; VP9660 V500R002C00 Version, V500R002C10 Version; ViewPoint 8660 V100R008C03 Version; ViewPoint 9030 V100R011C02 Version, V100R011C03 Version; Viewpoint 8660 V100R008C03 Version

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797. Vendors have confirmed this vulnerability Bug ID CSCvg22923 , CSCvg55112 , CSCvg55128 , CSCvg55145 , CSCvg58619 , CSCvg64453 , CSCvg64456 , CSCvg64464 , CSCvg64475 ,and CSCvg68797 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Voice OS is prone to a unauthorized access vulnerability. This may lead to further attacks. Cisco Voice Operating System is a set of voice operating system of Cisco (Cisco). Cisco Unified Communications Manager (UCM) is a call-processing component of a unified communications system. Unified Communication Manager Session Management Edition (SME) is its session management version. The following products are affected: Cisco Unified Communications Manager (UCM); Unified Communication Manager Session Management Edition (SME); Emergency Responder; Unity ConnectionCisco Unified Communications Manager IM and Presence Service (IMP, formerly Cisco Unified Presence); Hosted Collaboration Mediation Fulfillment; Unified Contact Center Express (UCCx); SocialMiner; Unified Intelligence Center (UIC); Finesse; MediaSense

An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure. plural Moxa NPort The product contains an information disclosure vulnerability.Information may be obtained. Moxa's NPort 5110, 5130 and 5150 are all Moxa's serial communication servers for connecting industrial serial devices to the network. Multiple Moxa NPort products are prone to multiple denial-of-service vulnerabilities and an information-disclosure vulnerability. An attacker can exploit these issues to obtain sensitive information or cause excessive consumption of resources or crash of application resulting in a denial of service condition

An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availability of the device. plural Moxa NPort The product contains an injection vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Moxa's NPort 5110, 5130 and 5150 are all Moxa's serial communication servers for connecting industrial serial devices to the network. A number of MoxaNport products have a denial of service vulnerability, and attackers launch denial of service attacks by injecting packets that can corrupt device availability. Multiple Moxa NPort products are prone to multiple denial-of-service vulnerabilities and an information-disclosure vulnerability. An attacker can exploit these issues to obtain sensitive information or cause excessive consumption of resources or crash of application resulting in a denial of service condition. A security vulnerability exists in the Moxa NPort 5110, 5130, and 5150

Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic. Vonage VDV-23 The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. VonageVDV-23115 is a routing repeater from Vonage Corporation of the United States. A cross-site scripting vulnerability exists in Vonage VDV-231153.2.11-0.9.40. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML by sending a NewKeyword or NewDomain field to /goform/RgParentalBasic

Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a camera and enter a house if a delivery driver failed to ensure a locked door before leaving. Amazon Key Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Amazon Key is prone to a security weakness. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. An attacker could exploit this vulnerability to freeze the camera image

A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it receives an illegal H.264 frame. The vulnerability is triggered by an H.264 frame that has an invalid picture parameter set (PPS) value. An attacker could exploit this vulnerability by sending a malformed H.264 frame to the targeted device. An exploit could allow the attacker to cause a denial of service (DoS) condition because the media process could restart. The media session should be re-established within a few seconds, during which there could be a brief interruption in service. Cisco Bug IDs: CSCvg12559. Vendors have confirmed this vulnerability Bug ID CSCvg12559 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter. ArrisTG1682Gdevices is a Modem (Modem) router all-in-one device from Arris Group of the United States. ComcastTG1682_2.0s7_PRODse is a firmware developed by Comcast Corporation of the United States. A cross-site scripting vulnerability exists in the ArrisTG1682G device using the ComcastTG1682_2.0s7_PRODse10.0.59.SIP.PC20.CT version. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML with the actionHandler/ajax_managed_services.php service parameter

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852. Vendors have confirmed this vulnerability IBM X-Force ID: 131852 It is released as.Information may be obtained. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. IBM Jazz Team Server affects the following IBM Rational products: Collaborative Lifecycle Management (CLM) Rational DOORS Next Generation (RDNG) Rational Engineering Lifecycle Manager (RELM) Rational Team Concert (RTC) Rational Quality Manager (RQM) Rational Rhapsody Design Manager (Rhapsody DM) Rational Software Architect (RSA DM)