VARIoT IoT vulnerabilities database
| VAR-202411-2779 | CVE-2024-51190 | plural TRENDnet Cross-site scripting vulnerability in the product |
CVSS V2: - CVSS V3: 4.8 Severity: MEDIUM |
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202411-2224 | CVE-2024-51189 | plural TRENDnet Cross-site scripting vulnerability in the product |
CVSS V2: - CVSS V3: 4.8 Severity: MEDIUM |
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202411-3144 | CVE-2024-51188 | plural TRENDnet Cross-site scripting vulnerability in the product |
CVSS V2: - CVSS V3: 4.8 Severity: MEDIUM |
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202411-3433 | CVE-2024-51187 | plural TRENDnet Cross-site scripting vulnerability in the product |
CVSS V2: - CVSS V3: 4.8 Severity: MEDIUM |
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the firewallRule_Name_1.1.1.0.0 parameter on the /firewall_setting.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202411-1865 | CVE-2024-51186 | D-Link Systems, Inc. of DIR-820L Firmware command injection vulnerability |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. D-Link Systems, Inc. of DIR-820L The firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-820L is a dual-band wireless router from D-Link, a Chinese company. Attackers can exploit this vulnerability to execute arbitrary code
| VAR-202411-1034 | CVE-2024-11068 | D-Link Systems, Inc. of dsl6740c Firmware Privileges API Improper Use Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account. D-Link Systems, Inc. of dsl6740c The firmware has privilege API A vulnerability exists related to improper use of .Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China.
D-Link DSL6740C has a security vulnerability
| VAR-202411-1056 | CVE-2024-11067 | D-Link Systems, Inc. of dsl6740c Relative path traversal vulnerability in firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's default password is a combination of the MAC address, attackers can obtain the MAC address through this vulnerability and attempt to log in to the device using the default password. D-Link Systems, Inc. of dsl6740c The firmware contains a relative path traversal vulnerability.Information may be obtained. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company.
D-Link DSL6740C has a path traversal vulnerability, which is caused by the program failing to properly filter special elements in resource or file paths
| VAR-202411-1173 | CVE-2024-11066 | D-Link Systems, Inc. of dsl6740c in the firmware OS Command injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company.
D-Link DSL6740C has an operating system command injection vulnerability
| VAR-202411-0973 | CVE-2024-11065 | D-Link Systems, Inc. of dsl6740c in the firmware OS Command injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China.
D-Link DSL6740C has an operating system command injection vulnerability
| VAR-202411-0959 | CVE-2024-11064 | D-Link Systems, Inc. of dsl6740c in the firmware OS Command injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China.
D-Link DSL6740C has an operating system command injection vulnerability
| VAR-202411-1085 | CVE-2024-11063 | D-Link Systems, Inc. of dsl6740c in the firmware OS Command injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company
| VAR-202411-1035 | CVE-2024-11062 | D-Link Systems, Inc. of dsl6740c in the firmware OS Command injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China.
D-Link DSL6740C has an operating system command injection vulnerability
| VAR-202411-0498 | CVE-2024-11061 | Shenzhen Tenda Technology Co.,Ltd. of AC10 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC10 is an 11ac dual-band router designed for 200M and above fiber homes. Attackers can exploit this vulnerability to launch targeted attacks on the target and endanger the security of the site system
| VAR-202411-0572 | CVE-2024-11056 | Shenzhen Tenda Technology Co.,Ltd. of AC10 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter wpapsk_crypto in the file /goform/WifiExtraSet failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
| VAR-202411-0417 | CVE-2024-11048 | D-Link Systems, Inc. of di-8003 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China.
D-Link DI-8003 version 16.07.16A1 has a buffer overflow vulnerability. The vulnerability is caused by the parameter str of the file /dbsrv.asp failing to correctly verify the length of the input data. Remote attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
| VAR-202411-0418 | CVE-2024-11047 | D-Link Systems, Inc. of di-8003 Buffer error vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China. The vulnerability is caused by the parameter path of the file /upgrade_filter.asp failing to properly verify the length of the input data. Attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202411-0447 | CVE-2024-11046 | D-Link Systems, Inc. of di-8003 Command injection vulnerability in firmware |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: Medium |
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a command injection vulnerability. OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China.
D-Link DI-8003 version 16.07.16A1 has a command injection vulnerability, which is caused by the parameter path of the file /upgrade_filter.asp failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution
| VAR-202411-1143 | CVE-2024-50262 | Linux of Linux Kernel Out-of-bounds write vulnerability in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix out-of-bounds write in trie_get_next_key()
trie_get_next_key() allocates a node stack with size trie->max_prefixlen,
while it writes (trie->max_prefixlen + 1) nodes to the stack when it has
full paths from the root to leaves. For example, consider a trie with
max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ...
0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with
.prefixlen = 8 make 9 nodes be written on the node stack with size 8. Linux of Linux Kernel Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-0905 | CVE-2024-50251 | Linux of Linux Kernel Vulnerability in |
CVSS V2: 7.2 CVSS V3: 6.2 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_payload: sanitize offset and length before calling skb_checksum()
If access to offset + length is larger than the skbuff length, then
skb_checksum() triggers BUG_ON().
skb_checksum() internally subtracts the length parameter while iterating
over skbuff, BUG_ON(len) at the end of it checks that the expected
length to be included in the checksum calculation is fully consumed. Linux of Linux Kernel Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
| VAR-202411-1697 | CVE-2024-50188 | Linux of Linux Kernel Vulnerability in |
CVSS V2: 7.2 CVSS V3: 5.5 Severity: MEDIUM |
In the Linux kernel, the following vulnerability has been resolved:
net: phy: dp83869: fix memory corruption when enabling fiber
When configuring the fiber port, the DP83869 PHY driver incorrectly
calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit
number (10). This corrupts some other memory location -- in case of
arm64 the priv pointer in the same structure.
Since the advertising flags are updated from supported at the end of the
function the incorrect line isn't needed at all and can be removed. Linux of Linux Kernel Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues