VARIoT IoT vulnerabilities database
| VAR-202411-2915 | CVE-2024-52788 | Shenzhen Tenda Technology Co.,Ltd. of w9 Vulnerability related to use of hardcoded credentials in firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. Shenzhen Tenda Technology Co.,Ltd. of w9 A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda W9 is a wireless wall-mounted access point from China's Tenda company
| VAR-202411-1999 | CVE-2024-52711 | D-Link Systems, Inc. of di-8100 Classic buffer overflow vulnerability in firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. D-Link Systems, Inc. of di-8100 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by China's D-Link Corporation.
D-Link DI-8100 has a buffer overflow vulnerability, which is caused by the ip_position_asp function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service
| VAR-202411-1664 | CVE-2024-50302 | Linux of Linux Kernel Vulnerability in using uninitialized resources in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
HID: core: zero-initialize the report buffer
Since the report buffer is used by all kinds of drivers in various ways, let's
zero-initialize it during allocation to make sure that it can't be ever used
to leak kernel memory via specially-crafted report. Linux of Linux Kernel Exists in the use of uninitialized resources.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-1421 | CVE-2024-50301 | Linux of Linux Kernel Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.1 Severity: HIGH |
In the Linux kernel, the following vulnerability has been resolved:
security/keys: fix slab-out-of-bounds in key_task_permission
KASAN reports an out of bounds read:
BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36
BUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]
BUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410
security/keys/permission.c:54
Read of size 4 at addr ffff88813c3ab618 by task stress-ng/4362
CPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15
Call Trace:
__dump_stack lib/dump_stack.c:82 [inline]
dump_stack+0x107/0x167 lib/dump_stack.c:123
print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400
__kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560
kasan_report+0x3a/0x50 mm/kasan/report.c:585
__kuid_val include/linux/uidgid.h:36 [inline]
uid_eq include/linux/uidgid.h:63 [inline]
key_task_permission+0x394/0x410 security/keys/permission.c:54
search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793
This issue was also reported by syzbot.
It can be reproduced by following these steps(more details [1]):
1. Obtain more than 32 inputs that have similar hashes, which ends with the
pattern '0xxxxxxxe6'.
2. Reboot and add the keys obtained in step 1.
The reproducer demonstrates how this issue happened:
1. In the search_nested_keyrings function, when it iterates through the
slots in a node(below tag ascend_to_node), if the slot pointer is meta
and node->back_pointer != NULL(it means a root), it will proceed to
descend_to_node. However, there is an exception. If node is the root,
and one of the slots points to a shortcut, it will be treated as a
keyring.
2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.
However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as
ASSOC_ARRAY_PTR_SUBTYPE_MASK.
3. When 32 keys with the similar hashes are added to the tree, the ROOT
has keys with hashes that are not similar (e.g. slot 0) and it splits
NODE A without using a shortcut. When NODE A is filled with keys that
all hashes are xxe6, the keys are similar, NODE A will split with a
shortcut. Finally, it forms the tree as shown below, where slot 6 points
to a shortcut.
NODE A
+------>+---+
ROOT | | 0 | xxe6
+---+ | +---+
xxxx | 0 | shortcut : : xxe6
+---+ | +---+
xxe6 : : | | | xxe6
+---+ | +---+
| 6 |---+ : : xxe6
+---+ +---+
xxe6 : : | f | xxe6
+---+ +---+
xxe6 | f |
+---+
4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,
it may be mistakenly transferred to a key*, leading to a read
out-of-bounds read.
To fix this issue, one should jump to descend_to_node if the ptr is a
shortcut, regardless of whether the node is root or not.
[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/
[jarkko: tweaked the commit message a bit to have an appropriate closes
tag.]. Linux of Linux Kernel Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-1474 | CVE-2024-50299 | Linux of Linux Kernel Vulnerability in using uninitialized resources in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
sctp: properly validate chunk size in sctp_sf_ootb()
A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add
size validation when walking chunks") is also required in sctp_sf_ootb()
to address a crash reported by syzbot:
BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712
sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712
sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166
sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407
sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243
sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159
ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205
ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233. Linux of Linux Kernel Exists in the use of uninitialized resources.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-0916 | CVE-2024-52574 | Siemens' Tecnomatix Plant Simulation Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0911 | CVE-2024-52573 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24521). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0913 | CVE-2024-52572 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a stack based overflow vulnerability while parsing specially crafted WRL files.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24486). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0908 | CVE-2024-52571 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24485). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0909 | CVE-2024-52570 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24365). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0917 | CVE-2024-52569 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24260). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0914 | CVE-2024-52568 | Siemens' Tecnomatix Plant Simulation Vulnerability in using free memory in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files.
An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-24244). Siemens' Tecnomatix Plant Simulation Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0910 | CVE-2024-52567 | Siemens' Tecnomatix Plant Simulation Out-of-bounds read vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24237). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0912 | CVE-2024-52566 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24233). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-0915 | CVE-2024-52565 | Siemens' Tecnomatix Plant Simulation Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: High |
A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24231). Siemens' Tecnomatix Plant Simulation Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRL files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. Siemens Tecnomatix Plant Simulation is an industrial control device of Siemens, Germany. It uses the function of discrete event simulation to analyze and optimize production volume, thereby improving the performance of manufacturing systems
| VAR-202411-2400 | CVE-2024-51141 | TOTOLINK of A600UB Vulnerability related to insufficient data integrity verification in firmware |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute arbitrary code via the WifiAutoInstallDriver.exe and MSASN1.dll components. TOTOLINK of A600UB Firmware contains a vulnerability related to insufficient data integrity validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A600UB is a Bluetooth wireless adapter from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to execute arbitrary code
| VAR-202411-0858 | CVE-2024-11248 | Shenzhen Tenda Technology Co.,Ltd. of AC10 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute arbitrary code
| VAR-202304-1774 | CVE-2023-20039 | Cisco Systems Cisco Industrial Network Director Vulnerability in externally accessible files or directories in |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data.
This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the application data directory. A successful exploit could allow the attacker to view sensitive information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. . Cisco Systems Cisco Industrial Network Director Exists in a vulnerability in externally accessible files or directories.Information may be obtained.
For more information about these vulnerabilities, see the Details section of this advisory.
This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-CAeLFk6V
| VAR-202304-1775 | CVE-2023-20036 | Cisco Systems Cisco Industrial Network Director In OS Command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 9.9 Severity: CRITICAL |
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.
This vulnerability is due to improper input validation when uploading a Device Pack. An attacker could exploit this vulnerability by altering the request that is sent when uploading a Device Pack. A successful exploit could allow the attacker to execute arbitrary commands as NT AUTHORITY\SYSTEM on the underlying operating system of an affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Systems Cisco Industrial Network Director for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Industrial Network Director (IND) is an industrial automation management system of Cisco. The system realizes automated management through visual operation of industrial Ethernet infrastructure.
For more information about these vulnerabilities, see the Details section of this advisory.
This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-CAeLFk6V
| VAR-202411-0796 | CVE-2024-11237 | TP-LINK Technologies of vn020-f3v(t) Out-of-bounds write vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: High |
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. TP-LINK Technologies of vn020-f3v(t) An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TP-LINK vn020-f3vt is a wireless modem from TP-LINK of China. The vulnerability is caused by the network system or product not properly verifying the data boundary when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc