VARIoT IoT vulnerabilities database

VAR-202508-0954 CVE-2025-50617 Netis Systems Co., Ltd. of WF2880 Heap-based buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1451 CVE-2025-50616 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1216 CVE-2025-50615 Netis Systems Co., Ltd. of WF2880 Firmware resource exhaustion vulnerability
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a resource exhaustion vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-0736 CVE-2025-51451 TOTOLINK of ex1200t Firmware vulnerabilities
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm. There are unspecified vulnerabilities in the TOTOLINK ex1200t firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The TOTOLINK EX1200T is a Wi-Fi range extender manufactured by the Chinese company TOTOLINK. The TOTOLINK EX1200T suffers from an authentication bypass vulnerability. This vulnerability stems from the formLoginAuth.htm file not properly validating login requests. An attacker could exploit this vulnerability to bypass authentication, gain administrator privileges, and potentially control the entire system
VAR-202508-0716 CVE-2025-51452 TOTOLINK of a7000r Firmware vulnerabilities
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm. There are unspecified vulnerabilities in the TOTOLINK a7000r firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The TOTOLINK A7000R is a wireless router manufactured by the Chinese company TOTOLINK. The TOTOLINK A7000R suffers from an authentication bypass vulnerability caused by the formLoginAuth.htm file not properly validating login requests. Attackers can exploit this vulnerability to bypass authentication, tamper with system configurations, and potentially insert malware
VAR-202508-0739 CVE-2025-50614 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1093 CVE-2025-50613 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1677 CVE-2025-50612 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1556 CVE-2025-50611 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the values of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1332 CVE-2025-50610 Netis WF2880 FUN_00476598 function buffer overflow vulnerability
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-1934 CVE-2025-50609 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-0955 CVE-2025-50608 Netis Systems Co., Ltd. of WF2880 Classic buffer overflow vulnerability in firmware
CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. The Netis Systems Co., Ltd. WF2880 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). The Netis WF2880 is a wireless router from the Chinese company Netis
VAR-202508-0742 CVE-2024-40588 Relative Path Traversal Vulnerability in Multiple Fortinet Products
CVSS V2: -
CVSS V3: 4.4
Severity: MEDIUM
Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCamera & FortiNDR version 7.6.0 and before 7.4.6 may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests. Multiple Fortinet products, including FortiCamera firmware, FortiMail and FortiNDR, contain a relative path traversal vulnerability. Information may be obtained
VAR-202508-0879 CVE-2025-26863 Intel 700 Series Ethernet Denial of Service Vulnerability
CVSS V2: 1.7
CVSS V3: 3.8
Severity: Medium
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service
VAR-202508-1707 CVE-2025-26697 Intel 700 Series Ethernet Denial of Service Vulnerability (CNVD-2025-19268)
CVSS V2: 1.7
CVSS V3: 3.3
Severity: Medium
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to cause a denial of service
VAR-202508-1590 CVE-2025-25273 Intel 700 Series Ethernet Privilege Escalation Vulnerability
CVSS V2: 6.0
CVSS V3: 7.8
Severity: High
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. An attacker could exploit this vulnerability to escalate privileges
VAR-202508-0992 CVE-2025-24486 Intel 700 Series Ethernet Input Validation Error Vulnerability
CVSS V2: 6.0
CVSS V3: 7.8
Severity: High
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation
VAR-202508-1254 CVE-2025-24305 Intel Xeon Processors Privilege Escalation Vulnerability
CVSS V2: 5.3
CVSS V3: 7.2
Severity: High
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. Intel Xeon Processors are a series of processors designed for enterprise servers, workstations, and the high-performance computing (HPC) market. They primarily serve data centers, cloud computing, and artificial intelligence. Vulnerability details are currently unavailable
VAR-202508-1000 CVE-2025-21090 Intel Xeon Processors Denial of Service Vulnerability
CVSS V2: 4.6
CVSS V3: 6.5
Severity: Medium
Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access. Intel Xeon Processors are a series of processors designed for enterprise servers, workstations, and high-performance computing (HPC) markets. They primarily serve data centers, cloud computing, and artificial intelligence. Attackers can exploit this vulnerability to cause a denial of service
VAR-202508-2143 CVE-2025-21086 Intel 700 Series Ethernet Input Validation Error Vulnerability
CVSS V2: 5.5
CVSS V3: 7.5
Severity: Medium
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege. The Intel 700 Series Ethernet is a high-performance Ethernet controller family from Intel Corporation. Vulnerability details are currently unavailable