VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202411-2779 CVE-2024-51190 plural  TRENDnet  Cross-site scripting vulnerability in the product CVSS V2: -
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
VAR-202411-2224 CVE-2024-51189 plural  TRENDnet  Cross-site scripting vulnerability in the product CVSS V2: -
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
VAR-202411-3144 CVE-2024-51188 plural  TRENDnet  Cross-site scripting vulnerability in the product CVSS V2: -
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
VAR-202411-3433 CVE-2024-51187 plural  TRENDnet  Cross-site scripting vulnerability in the product CVSS V2: -
CVSS V3: 4.8
Severity: MEDIUM
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the firewallRule_Name_1.1.1.0.0 parameter on the /firewall_setting.htm page. TRENDnet of TEW-651BR Firmware, TEW-652BRP firmware, TEW-652BRU Firmware has a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
VAR-202411-1865 CVE-2024-51186 D-Link Systems, Inc.  of  DIR-820L  Firmware command injection vulnerability CVSS V2: 7.7
CVSS V3: 8.0
Severity: HIGH
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions. D-Link Systems, Inc. of DIR-820L The firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-820L is a dual-band wireless router from D-Link, a Chinese company. Attackers can exploit this vulnerability to execute arbitrary code
VAR-202411-1034 CVE-2024-11068 D-Link Systems, Inc.  of  dsl6740c  Firmware Privileges  API  Improper Use Vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account. D-Link Systems, Inc. of dsl6740c The firmware has privilege API A vulnerability exists related to improper use of .Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China. D-Link DSL6740C has a security vulnerability
VAR-202411-1056 CVE-2024-11067 D-Link Systems, Inc.  of  dsl6740c  Relative path traversal vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's default password is a combination of the MAC address, attackers can obtain the MAC address through this vulnerability and attempt to log in to the device using the default password. D-Link Systems, Inc. of dsl6740c The firmware contains a relative path traversal vulnerability.Information may be obtained. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company. D-Link DSL6740C has a path traversal vulnerability, which is caused by the program failing to properly filter special elements in resource or file paths
VAR-202411-1173 CVE-2024-11066 D-Link Systems, Inc.  of  dsl6740c  in the firmware  OS  Command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company. D-Link DSL6740C has an operating system command injection vulnerability
VAR-202411-0973 CVE-2024-11065 D-Link Systems, Inc.  of  dsl6740c  in the firmware  OS  Command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China. D-Link DSL6740C has an operating system command injection vulnerability
VAR-202411-0959 CVE-2024-11064 D-Link Systems, Inc.  of  dsl6740c  in the firmware  OS  Command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China. D-Link DSL6740C has an operating system command injection vulnerability
VAR-202411-1085 CVE-2024-11063 D-Link Systems, Inc.  of  dsl6740c  in the firmware  OS  Command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link, a Chinese company
VAR-202411-1035 CVE-2024-11062 D-Link Systems, Inc.  of  dsl6740c  in the firmware  OS  Command injection vulnerability CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. D-Link Systems, Inc. of dsl6740c The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DSL6740C is a wireless VDSL router from D-Link of China. D-Link DSL6740C has an operating system command injection vulnerability
VAR-202411-0498 CVE-2024-11061 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Buffer error vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC10 is an 11ac dual-band router designed for 200M and above fiber homes. Attackers can exploit this vulnerability to launch targeted attacks on the target and endanger the security of the site system
VAR-202411-0572 CVE-2024-11056 Shenzhen Tenda Technology Co.,Ltd.  of  AC10  Buffer error vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter wpapsk_crypto in the file /goform/WifiExtraSet failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202411-0417 CVE-2024-11048 D-Link Systems, Inc.  of  di-8003  Buffer error vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China. D-Link DI-8003 version 16.07.16A1 has a buffer overflow vulnerability. The vulnerability is caused by the parameter str of the file /dbsrv.asp failing to correctly verify the length of the input data. Remote attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202411-0418 CVE-2024-11047 D-Link Systems, Inc.  of  di-8003  Buffer error vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China. The vulnerability is caused by the parameter path of the file /upgrade_filter.asp failing to properly verify the length of the input data. Attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202411-0447 CVE-2024-11046 D-Link Systems, Inc.  of  di-8003  Command injection vulnerability in firmware CVSS V2: 6.5
CVSS V3: 6.3
Severity: Medium
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8003 The firmware contains a command injection vulnerability. OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8003 is a wireless router from D-Link of China. D-Link DI-8003 version 16.07.16A1 has a command injection vulnerability, which is caused by the parameter path of the file /upgrade_filter.asp failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution
VAR-202411-1143 CVE-2024-50262 Linux  of  Linux Kernel  Out-of-bounds write vulnerability in CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For example, consider a trie with max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ... 0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with .prefixlen = 8 make 9 nodes be written on the node stack with size 8. Linux of Linux Kernel Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
VAR-202411-0905 CVE-2024-50251 Linux  of  Linux Kernel  Vulnerability in CVSS V2: 7.2
CVSS V3: 6.2
Severity: MEDIUM
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed. Linux of Linux Kernel Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues
VAR-202411-1697 CVE-2024-50188 Linux  of  Linux Kernel  Vulnerability in CVSS V2: 7.2
CVSS V3: 5.5
Severity: MEDIUM
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure. Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed. Linux of Linux Kernel Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues