VARIoT IoT vulnerabilities database
| VAR-201710-0923 | CVE-2017-12628 | Apache James Server Vulnerable to unreliable data deserialization |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
The JMX server embedded in Apache James, which is also used by the command-line client, is exposed to a Java deserialization issue and can therefore be used to execute arbitrary commands. Because James exposes the JMX socket only on localhost by default, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the affected library. Apache James Server contains a vulnerability in the deserialization of untrusted data. Information may be obtained or altered, and service operation may be disrupted (DoS). Apache James is prone to an arbitrary command-execution vulnerability. This may aid in further attacks.
Apache James versions prior to 3.0.1 are affected.
| VAR-201804-0424 | CVE-2017-14010 | SpiderControl MicroBrowser Arbitrary code execution vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
In SpiderControl MicroBrowser for Windows XP, Vista, 7, 8 and 10, versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. SpiderControl MicroBrowser contains a vulnerability related to uncontrolled search path elements. Information may be obtained or altered, and service operation may be disrupted (DoS). MicroBrowser is a touch screen operating system. SpiderControl MicroBrowser is prone to a remote code-execution vulnerability.
SpiderControl MicroBrowser 1.6.30.144 and prior versions are vulnerable.
| VAR-201710-1435 | No CVE | Haiwell Cloud SCADA Android APP has arbitrary account password reset vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Haiwell Cloud SCADA is an industrial automation monitoring and management platform software based on .NET Framework developed by Xiamen Haiwell Technology Co., Ltd.
The Haiwell Cloud SCADA Android APP has an arbitrary account password reset vulnerability. An attacker can reset any account password by capturing packets and brute-forcing the verification code.
| VAR-201710-1434 | No CVE | Haiwell Cloud SCADA Android APP has password bypass vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Haiwell Cloud SCADA is an industrial automation monitoring and management platform software based on .NET Framework developed by Xiamen Haiwell Technology Co., Ltd.
The Haiwell Cloud SCADA Android APP has a password bypass vulnerability. An attacker can intercept the data packet and replace it with a constructed password data packet to bind any other mobile phone.
http://www.haiwell.com/news/615-cn.html
The Android APP of the Haiwell Cloud SCADA system cloud configuration software has a password bypass vulnerability.
| VAR-201805-0175 | CVE-2017-14014 | Boston Scientific ZOOM LATITUDE PRM Model 3120 Vulnerable to key management error |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. ZOOM LATITUDE PRM is a Boston Scientific portable cardiac management system for communication with implantable cardiac pacemakers and defibrillators, deployed in the healthcare and public health sectors.
1. A hard-coded encryption information-disclosure vulnerability
2. An information-disclosure vulnerability
Attackers can exploit these issues to obtain potentially sensitive information. Information obtained may aid in further attacks.
| VAR-201805-0174 | CVE-2017-14012 | Boston Scientific ZOOM LATITUDE PRM Error Encryption Vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. ZOOM LATITUDE PRM is a Boston Scientific portable cardiac management system for communication with implantable cardiac pacemakers and defibrillators, deployed in the healthcare and public health sectors.
1. A hard-coded encryption information-disclosure vulnerability
2. An information-disclosure vulnerability
Attackers can exploit these issues to obtain potentially sensitive information. Information obtained may aid in further attacks.
| VAR-201711-0929 | CVE-2017-8166 | Huawei smartphone Honor V9 Vulnerabilities related to security functions in software |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
Huawei Honor V9 mobile phones with software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone. The Huawei Honor V9 smartphone software contains a vulnerability related to security functions. Information may be obtained or altered, and service operation may be disrupted (DoS). Huawei Honor V9 is a smartphone product from China's Huawei company. A security vulnerability exists in Huawei Honor V9 versions prior to Duke-AL20C00B195. Huawei mobile phones are prone to a local security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks.
| VAR-201710-0911 | CVE-2017-15647 | FiberHome Path traversal vulnerability in routers |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On FiberHome routers, directory traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. FiberHome routers contain a path traversal vulnerability. Information may be obtained. FiberHome routers are router products from China's FiberHome. An attacker could exploit the vulnerability to obtain files on the router.
| VAR-201710-0182 | CVE-2017-10933 | ZTE ZXDT22 SF01 Path traversal vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, a monitoring system for ZTE energy products, are impacted by a directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after the host address. ZTE ZXDT22 SF01 contains a path traversal vulnerability. Information may be obtained. ZTE ZXDT22 SF01 is a DC power supply unit of China ZTE Corporation (ZTE). A directory traversal vulnerability exists in ZTE ZXDT22 SF01 versions prior to 2.06.00.00. A remote attacker can exploit this vulnerability to read any file on the system.
| VAR-201710-0664 | CVE-2017-12301 | Cisco NX-OS Software input validation vulnerability |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insufficient sanitization of user-supplied parameters that are passed to certain Python functions within the scripting sandbox of the affected device. An attacker could exploit this vulnerability to escape the scripting sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user. To exploit this vulnerability, an attacker must have local access and be authenticated to the targeted device with administrative or Python execution privileges. These requirements could limit the possibility of a successful exploit. This vulnerability affects the following Cisco products if they are running Cisco NX-OS Software: Multilayer Director Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches - Standalone, NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvb86832, CSCvd86474, CSCvd86479, CSCvd86484, CSCvd86490, CSCve97102, CSCvf12757, CSCvf12804, CSCvf12815, CSCvf15198. Cisco NX-OS Software contains an input validation vulnerability. The vendor has published this vulnerability as Bug IDs CSCvb86832, CSCvd86474, CSCvd86479, CSCvd86484, CSCvd86490, CSCve97102, CSCvf12757, CSCvf12804, CSCvf12815, and CSCvf15198. Information may be obtained or altered, and service operation may be disrupted (DoS). Cisco NX-OS Software is a data-center-class operating system designed for modularity, resiliency, and maintainability.
Cisco Multilayer Director Switches and the other listed devices are all Cisco products. Cisco Multilayer Director Switches is a switch product, and NX-OS Software is the operating system it runs. The Python scripting subsystem is one of its scripting subsystems. The vulnerability stems from the program not adequately filtering parameters submitted by users.
| VAR-201710-0666 | CVE-2017-15359 | 3CX Phone System Path traversal vulnerability |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
In the 3CX Phone System 15.5.3554.1, the Management Console typically listens on port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue and access sensitive information that may aid in subsequent attacks. 3CX Phone System contains a path traversal vulnerability. Information may be obtained.
| VAR-201710-1445 | No CVE | China Mobile and routing app have ftp backdoor vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
China Mobile and Routing APP is mobile phone companion software for He · Routing.
The China Mobile and Routing APP has an FTP backdoor vulnerability. The vulnerability is caused by the FTP account password being written into the application. An attacker can use the vulnerability to obtain the FTP account information, log in to the router to obtain information about its stored files, and further use it to log in over telnet.
| VAR-201710-1442 | No CVE | CSRF vulnerability in ZTE E8810 wireless router |
CVSS V2: 6.5 CVSS V3: - Severity: MEDIUM |
ZTE E8810 is a dual-band 11ac intelligent cloud router.
A CSRF vulnerability exists in the ZTE E8810 wireless router. It allows an attacker to hijack the administrator and restore the router to factory settings.
| VAR-201710-0634 | CVE-2017-12251 | Cisco Cloud Services Platform 2100 Vulnerabilities related to authorization, permissions, and access control |
CVSS V2: 6.5 CVSS V3: 9.9 Severity: CRITICAL |
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrity, and availability. This vulnerability affects Cisco Cloud Services Platform (CSP) 2100 running software release 2.1.0, 2.1.1, 2.1.2, 2.2.0, 2.2.1, or 2.2.2. Cisco Bug IDs: CSCve64690. The vendor has published this vulnerability as Bug ID CSCve64690. Information may be obtained or altered, and service operation may be disrupted (DoS).
An attacker can exploit this issue to bypass the security mechanism and gain unauthorized access. This may lead to further attacks. The web console is one of its web console programs.
| VAR-201710-0638 | CVE-2017-12259 | Cisco Small Business SPA51x series IP Phone Buffer error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by sending malformed SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA51x Series IP Phones that are running Cisco SPA51x Firmware Release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63982. The vendor has published this vulnerability as Bug ID CSCvc63982. Service operation may be disrupted (DoS).
An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
| VAR-201710-0640 | CVE-2017-12260 | Cisco Small Business IP Phone Buffer error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of SIP request messages by an affected device. An attacker could exploit this vulnerability by using formatted specifiers in a SIP payload that is sent to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. This vulnerability affects Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones that are running firmware release 7.6.2SR1 or earlier. Cisco Bug IDs: CSCvc63986. The vendor has published this vulnerability as Bug ID CSCvc63986. Service operation may be disrupted (DoS).
| VAR-201710-0649 | CVE-2017-12271 | Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web application into executing an adverse action. Cisco Bug IDs: CSCuz88421, CSCuz91356, CSCve56308. The vendor has published this vulnerability as Bug IDs CSCuz88421, CSCuz91356, and CSCve56308. Information may be obtained or altered, and service operation may be disrupted (DoS). Other attacks are also possible.
| VAR-201710-0650 | CVE-2017-12272 | Cisco IOS XE Software cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by convincing a user of the web interface to access a malicious link or by intercepting a user request for the affected web interface and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvb09516. The vendor has published this vulnerability as Bug ID CSCvb09516. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. The web framework is one of its web frameworks.
| VAR-201710-0654 | CVE-2017-12284 | Windows For clients Cisco Jabber Vulnerable to information disclosure |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A vulnerability in the web interface of Cisco Jabber for Windows Client could allow an authenticated, local attacker to retrieve user profile information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input- and validation-checking mechanisms in the system. An attacker could exploit this vulnerability by issuing specific commands after authenticating to the system. A successful exploit could allow the attacker to view profile information where only certain parameters should be visible. Cisco Bug IDs: CSCve14401. The vendor has published this vulnerability as Bug ID CSCve14401. Information may be obtained. The program provides online status display, instant messaging, voice and other functions.
| VAR-201710-0656 | CVE-2017-12286 | Cisco Jabber Input validation vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in the affected software. An attacker could exploit this vulnerability by authenticating locally to an affected system and then issuing specific commands to the affected software. A successful exploit could allow the attacker to view all profile information for a user instead of only certain Jabber parameters that should be visible. This vulnerability affects all releases of Cisco Jabber prior to Release 1.9.31. Cisco Bug IDs: CSCve52418. The vendor has published this vulnerability as Bug ID CSCve52418. Information may be obtained. The system provides functions such as voice, video, desktop sharing and conferencing.