VARIoT IoT vulnerabilities database
| VAR-201704-0755 | CVE-2017-2340 | Juniper Networks Junos OS Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 prior to 16.1R3, on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured, a vulnerability in processing IPv6 ND packets originating from subscribers and destined to M/MX series routers can result in a PFE (Packet Forwarding Engine) hang or crash. Juniper Networks Junos OS contains an input validation vulnerability. A denial-of-service (DoS) attack may be carried out. Juniper Junos is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to crash and hang the affected device, denying service to legitimate users. Juniper Junos OS is a network operating system from Juniper Networks dedicated to the company's hardware systems. The operating system provides a secure programming interface and the Junos SDK.
| VAR-201704-0734 | CVE-2017-2313 | Input validation vulnerability in Junos OS running on Juniper Networks device products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2. Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability. Junos OS running on Juniper Networks device products contains an input validation vulnerability. A denial-of-service (DoS) attack may be carried out. Juniper Junos is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Junos OS in Juniper Networks devices has a security vulnerability.
| VAR-201704-0735 | CVE-2017-2315 | Resource exhaustion vulnerability in Junos OS running on Juniper Networks EX Series Ethernet Switch products |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a denial of service. The affected Junos OS versions are: 12.3 prior to 12.3R12-S4, 12.3R13; 13.3 prior to 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D12, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R6-S4, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1R5; 16.1 before 16.1R3; 16.2 before 16.2R1-S3, 16.2R2. 17.1R1 and all subsequent releases have a resolution for this vulnerability. Juniper Junos is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause resource exhaustion and crash the affected device, denying service to legitimate users. Junos OS is a network operating system from Juniper Networks dedicated to the company's hardware systems. The operating system provides a secure programming interface and the Junos SDK.
| VAR-201704-0733 | CVE-2017-2312 | Resource management vulnerability in Junos OS running on Juniper Networks device products |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. Over time, repeatedly receiving this type of LDP packet(s) will cause the memory to exhaust and the rpd process to crash and restart. It is not possible to free up the memory that has been consumed without restarting the rpd process. This issue affects Junos OS based devices with either IPv4 or IPv6 LDP enabled via the [protocols ldp] configuration (the native IPv6 support for LDP is available in Junos OS 16.1 and higher). The interface on which the packet arrives needs to have LDP enabled. The affected Junos versions are: 13.3 prior to 13.3R10; 14.1 prior to 14.1R8; 14.2 prior to 14.2R7-S6 or 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5; 15.1X49 before 15.1X49-D70; 15.1X53 before 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 before 16.1R2. 16.2R1 and all subsequent releases have a resolution for this vulnerability. Junos OS running on Juniper Networks device products contains a resource management vulnerability. A denial-of-service (DoS) attack may be carried out. Juniper Junos is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Juniper Junos OS is a network operating system from Juniper Networks dedicated to the company's hardware systems. The operating system provides a secure programming interface and the Junos SDK.
| VAR-201707-0533 | CVE-2017-11460 | SAP NetWeaver Portal Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535. The vendor has published this vulnerability as SAP Security Note 2308535. Information may be obtained and information may be altered.
Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
| VAR-201707-0530 | CVE-2017-11457 | XML external entity vulnerability in SAP NetWeaver AS JAVA |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249. An XML external entity vulnerability exists in SAP NetWeaver AS JAVA. The vendor has published this vulnerability as SAP Security Note 2387249. Information may be obtained.
Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
| VAR-201807-0264 | CVE-2017-3209 | DBPOWER U818A WIFI quadcopter drone allows full filesystem permissions to anonymous FTP |
CVSS V2: 4.8 CVSS V3: 8.1 Severity: HIGH |
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities. The U818A WIFI implements a Wi-Fi connection function as an access point. The U818A WIFI is a quadcopter drone that supports shooting images and videos from the air. In addition, it is possible to read and write to the entire file system in the drone. Also, the U818A WIFI uses BusyBox 1.20.2. There is a security bypass vulnerability in the DBPOWER U818A. An attacker could exploit the vulnerability to bypass security restrictions.
| VAR-201704-1573 | CVE-2017-7691 | SAP TREX / Business Warehouse Accelerator Code injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592.
Successful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition.
| VAR-201704-1594 | No CVE | SCADA engine BACnetOPCServer has a DLL hijacking vulnerability |
CVSS V2: 6.9 CVSS V3: - Severity: MEDIUM |
The SCADA system is a data acquisition and monitoring control system. BACnetOPCServer is the server software of SCADA engine.
The BACnSvrTest.exe component of the BACnetOPCServer software has a DLL hijacking vulnerability due to the insecure loading of library files. An attacker can construct a malicious application and place it in a specific path to make the application maliciously load the DLL and execute arbitrary commands.
| VAR-201704-0751 | CVE-2017-2331 | Juniper Networks NorthStar Controller Application firewall policy bypass vulnerability |
CVSS V2: 7.5 CVSS V3: 7.3 Severity: HIGH |
A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service. Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks. The controller optimizes the service provider's transport network by establishing an open industry standard protocol. An authentication bypass vulnerability exists in Juniper Networks NorthStar Controller Application versions prior to 2.1.0 Service Pack 1.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.
Versions of Juniper NorthStar Controller Application before 2.1.0 Service Pack 1 are vulnerable.
| VAR-201704-0754 | CVE-2017-2334 | Juniper Networks NorthStar Controller Application Information Disclosure Vulnerability |
CVSS V2: 4.3 CVSS V3: 7.5 Severity: HIGH |
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system. Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks. The controller optimizes the service provider's transport network by establishing an open industry standard protocol. An information disclosure vulnerability exists in Juniper Networks NorthStar Controller Application versions prior to 2.1.0 Service Pack 1.
Successful exploits will allow attackers to bypass certain security restrictions and perform unauthorized actions.
Versions prior to Juniper NorthStar Controller Application 2.1.0 Service Pack 1 are vulnerable.
| VAR-201707-0531 | CVE-2017-11458 | SAP NetWeaver AS JAVA Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783. The vendor has published this vulnerability as SAP Security Note 2406783. Information may be obtained and information may be altered.
Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
| VAR-201704-1646 | No CVE | SAP Composite Application Framework Authorization Tool XML External Entity Injection Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
SAP Composite Application Framework Authorization Tool is prone to an XML External Entity injection vulnerability.
Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
| VAR-201704-1647 | No CVE | SAP NetWeaver ADBC Demo Programs Remote Authorization Bypass Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
SAP NetWeaver is prone to an authorization-bypass vulnerability.
Attackers can exploit this issue to gain unauthorized access and obtain sensitive information or elevate privileges. This may aid in further attacks.
| VAR-201803-1497 | CVE-2017-7631 | QNAP Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML. QNAP QTS contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. QNAPS is a network storage device from QNAP Systems, used by home, SOHO, and SMB users. FileStation is one of its file management applications. A cross-site scripting vulnerability exists in the shared link feature of FileStation in QNAP 4.2.6 build 20171026 and earlier and 4.3.3 build 20170727 and earlier.
| VAR-201704-1527 | CVE-2017-7461 | Directory traversal vulnerability in the web-based management site of Intellinet NFC-30ir IP Camera firmware |
CVSS V2: 6.8 CVSS V3: 4.9 Severity: MEDIUM |
Directory traversal vulnerability in the web-based management site on the Intellinet NFC-30ir IP Camera with firmware LM.1.6.16.05 allows remote attackers to read arbitrary files via a request to a vendor-supplied CGI script that is used to read an HTML text file, but that does not do any URI/path sanitization. The Intellinet NFC-30ir IP camera is a digital device based on network transmission. Intellinet NFC-30ir IP Camera is an IP network camera produced by the American company Intellinet.
| VAR-201704-1528 | CVE-2017-7462 | Vulnerability in Intellinet NFC-30ir IP Camera allowing access to a vendor-supplied CGI script in the web directory |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory. The Intellinet NFC-30ir IP camera is a digital device based on network transmission. Intellinet NFC-30ir IP Camera is an IP network camera produced by the American company Intellinet. A security vulnerability exists in the Intellinet NFC-30ir IP Camera.
| VAR-201704-0429 | CVE-2015-2881 | Vulnerability related to the use of hard-coded credentials on Gynoii devices |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account. Gynoii devices contain a vulnerability related to the use of hard-coded credentials. Information may be obtained, information may be altered, and a denial-of-service (DoS) attack may be carried out. Gynoii is a video surveillance device for babies. A permission acquisition vulnerability exists in Gynoii. An attacker could exploit the vulnerability to gain access to a local application.
| VAR-201704-0161 | CVE-2016-8237 | Lenovo Updates Remote Code Execution Vulnerability |
CVSS V2: 9.3 CVSS V3: 8.1 Severity: HIGH |
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code. Lenovo Updates is a set of drivers and software updates from China.
| VAR-201704-0428 | CVE-2015-2880 | TRENDnet WiFi Baby Cam TV-IP743SIC Authentication vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account. TRENDnet WiFi Baby Cam TV-IP743SIC contains an authentication vulnerability. Information may be obtained, information may be altered, and a denial-of-service (DoS) attack may be carried out. TRENDnet WiFi Baby Cam TV-IP743SIC is a network video surveillance device for infants from TRENDnet. A permission acquisition vulnerability exists in TRENDnet WiFi Baby Cam TV-IP743SIC. An attacker could exploit this vulnerability to gain root access to the operating system.