VARIoT IoT vulnerabilities database


VAR-201704-1317 CVE-2017-8220 TP-Link C2 and C20i Command injection vulnerability in device firmware CVSS V2: 9.0
CVSS V3: 9.9
Severity: CRITICAL
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data. The TP-Link C2 and C20i device firmware contains a command injection vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. TP-Link C2 and C20i are both wireless router products of TP-LINK, China. The 'Diagnostic' pages of the TP-Link C2 and C20i have security vulnerabilities that allow remote attackers to submit special requests to execute arbitrary code. TP-Link C2 and C20i with firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n and earlier have security vulnerabilities
VAR-201704-1323 CVE-2017-8217 TP-Link C2 and C20i Vulnerabilities related to security functions in device firmware CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface. The TP-Link C2 and C20i device firmware contains vulnerabilities related to security functions. Information may be tampered with. TP-Link C2 and C20i are router devices of Pulian, China. TP-Link C2 and C20i have security bypass vulnerabilities that remote attackers can exploit by submitting special requests to bypass security restrictions and perform unauthorized operations. No more detailed information about this vulnerability is available yet; watch CNNVD or vendor announcements
VAR-201704-1324 CVE-2017-8218 TP-Link C2 and C20i Vulnerabilities related to certificate / password management in device firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password. The TP-Link C2 and C20i device firmware contains a vulnerability related to certificate and password management. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. TP-Link C2 and C20i are both wireless router products of TP-LINK, China. Vsftpd is a server running on UNIX-like operating systems. TP-Link C2 and C20i have security bypass vulnerabilities that allow remote attackers to submit special requests to bypass security restrictions and perform unauthorized operations. There is a security vulnerability in vsftpd in TP-Link C2 and C20i using firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n and earlier
VAR-201807-0265 CVE-2017-3210 Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. It was reported that, in multiple applications created using this SDK, the component can be changed with the authority of Authenticated Users. Portrait Displays SDK is prone to a local privilege-escalation vulnerability. Portrait Display SDK 2.30 through 2.34 are vulnerable. Portrait Displays is a scalable platform supporting all display technologies and embedded control platforms for displays
VAR-201804-0450 CVE-2017-2493 Vulnerability that bypasses the same origin policy in the WebKit component used in multiple Apple products CVSS V2: 4.3
CVSS V3: 6.5
Severity: MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted elements on a web site. WebKit is prone to a same-origin policy security-bypass vulnerability. Apple iOS, Safari, iCloud for Windows and tvOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; Windows-based iCloud prior to 6.2; tvOS prior to 10.2
VAR-201704-0227 CVE-2015-8110 Lenovo System Update Vulnerabilities related to authorization, permissions, and access control CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local privilege escalation vulnerability." Lenovo System Update (formerly ThinkVantage System Update) contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. Lenovo System Update is prone to a local privilege-escalation vulnerability. A local attacker can exploit this vulnerability to gain elevated privileges. Versions prior to Lenovo System Update 5.07.0019 are vulnerable. Lenovo System Update (formerly known as ThinkVantage System Update) is a set of automatic system update tools provided by Lenovo of China, which includes device driver updates, Windows system patch updates, etc
VAR-201704-0010 CVE-2011-3438 Denial-of-service (DoS) vulnerability in WebKit used in Apple Safari CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash) or arbitrary code execution. Apple Safari is a web browser from Apple, the default browser included with Mac OS X and iOS operating systems. WebKit is an open source web browser engine jointly developed by companies such as KDE, Apple, and Google, and is currently used by browsers such as Apple Safari and Google Chrome. A security vulnerability exists in the WebKit component used in Apple Safari 5.0.6
VAR-201704-0009 CVE-2011-3428 Apple QuickTime for Windows vulnerable to buffer overflow CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code. The software is capable of handling multiple sources such as digital video, media segments, and more
VAR-201704-0004 CVE-2010-1776 Device wipe vulnerability in Find My iPhone on Apple iOS CVSS V2: 4.9
CVSS V3: 4.8
Severity: MEDIUM
Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device. Find My iPhone is one of the components that provides the function of recovering an accidentally lost iPhone. An attacker could exploit this vulnerability to wipe data on the device
VAR-201704-1228 CVE-2017-8074 TP-Link TL-SG108E Vulnerable to information disclosure from log files CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. The TP-Link TL-SG108E contains a vulnerability related to information disclosure from log files. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. The TP-Link TL-SG108E is a Gigabit Ethernet switch. There is a security hole in the TP-Link TL-SG108E. TP-Link TL-SG108E is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain the credentials. Information harvested may aid in further attacks
VAR-201704-1229 CVE-2017-8075 TP-Link TL-SG108E Vulnerable to information disclosure from log files CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. The TP-Link TL-SG108E contains a vulnerability related to information disclosure from log files. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. The TP-Link TL-SG108E is a Gigabit Ethernet switch. There is a security hole in the TP-Link TL-SG108E. TP-Link TL-SG108E is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain the credentials. Information harvested may aid in further attacks
VAR-201704-1230 CVE-2017-8076 TP-Link TL-SG108E Vulnerabilities related to cryptographic strength CVSS V2: 7.8
CVSS V3: 9.8
Severity: CRITICAL
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. The TP-Link TL-SG108E contains a cryptographic strength vulnerability. Information may be obtained or altered, and a denial-of-service (DoS) attack may be carried out. The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E 1.0 using firmware version 1.1.2 Build 20141017 Rel.50749. An attacker could exploit the vulnerability to obtain information
VAR-201704-1231 CVE-2017-8077 TP-Link TL-SG108E Vulnerabilities related to key management errors CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware. The TP-Link TL-SG108E contains a vulnerability related to key management errors. Information may be obtained. The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E 1.0 using firmware version 1.1.2 Build 20141017 Rel.50749, caused by the program using a hard-coded encryption key. An attacker could exploit the vulnerability to obtain information
VAR-201704-1232 CVE-2017-8078 TP-Link TL-SG108E Authentication vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware. The TP-Link TL-SG108E contains an authentication vulnerability. Information may be tampered with. The TP-Link TL-SG108E is a Gigabit Ethernet switch. There is a security hole in the TP-Link TL-SG108E. A remote attacker can exploit this vulnerability to submit a special request for the update process without authorization. TP-Link TL-SG108E is prone to a security-bypass vulnerability. An attacker may leverage this issue to bypass certain security restrictions and perform unauthorized actions like unauthenticated remote upgrades
VAR-201704-1631 No CVE Multiple Denial of Service Vulnerabilities in Linksys Smart Wi-Fi Routers CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Linksys Smart Wi-Fi Routers are smart Wi-Fi routers. There are multiple denial of service vulnerabilities in Linksys Smart Wi-Fi Routers. They allow an unauthenticated attacker to create a Denial of Service (DoS) condition on the router, causing the router to stop responding or restart, by sending a spoofed request to a specific API.
VAR-201704-1632 No CVE Linksys Smart Wi-Fi Routers Command Injection Vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Linksys Smart Wi-Fi Routers are smart Wi-Fi routers. There is a command injection vulnerability in Linksys Smart Wi-Fi Routers. An attacker who has authenticated to the device can inject and execute malicious code on the device's operating system with root privileges. If the attacker is able to create a backdoor account for continuous access, the backdoor account will not be displayed on the web interface and cannot be deleted using the administrator account.
VAR-201704-1628 No CVE Huawei HG532n Command Injection Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The HG532n is a wireless router product of Huawei, China. The Huawei HG532n has a command injection vulnerability that an attacker can exploit to carry out a command injection attack.
VAR-201704-1629 No CVE Linksys Smart Wi-Fi Routers Authentication Bypass Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Linksys Smart Wi-Fi Routers are smart Wi-Fi routers. There is an authentication bypass vulnerability in Linksys Smart Wi-Fi Routers. Attackers can bypass CGI scripts to collect sensitive information such as the firmware version, Linux kernel version, running process list, USB device connections, and WPS PIN code. Unauthenticated attackers can obtain sensitive information, for example by using a set of APIs to list all connected devices and their respective operating systems, accessing firewall configurations, reading FTP configuration settings, or extracting SMB server settings.
VAR-201708-1388 CVE-2017-7926 OSIsoft PI Web API Cross-Site Request Forgery Vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated. OSIsoft PI Web API is a product for accessing PI system data. The program failed to properly validate the HTTP request. An attacker could exploit the vulnerability to perform certain unauthorized operations and access the affected application. Other attacks are also possible
VAR-201704-0112 CVE-2016-2433 Broadcom Wi-Fi driver for Android used on BlackBerry smartphones vulnerable to arbitrary code execution in the context of the kernel CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. BlackBerry smartphones are smartphones made by BlackBerry. The Broadcom Wi-Fi driver for Android is a Wi-Fi driver module developed by Broadcom Inc. for the Android system. There is a security vulnerability in the Broadcom Wi-Fi driver for Android used in BlackBerry smartphone versions prior to Build AAE570