VARIoT IoT vulnerabilities database


VAR-201703-1185 CVE-2017-7318 Siklu EtherHaul Information disclosure vulnerability in devices CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as usernames and plaintext passwords from the device with no authentication. Siklu EtherHaul devices contain an information disclosure vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). WirelessGear Siklu EtherHaul radios is a set of radio equipment for commercial services of WirelessGear Corporation of the United States. An attacker can exploit this issue to execute arbitrary commands within the context of the affected application. Failed exploits might result in denial-of-service conditions
VAR-201704-0800 CVE-2017-2477 Apple macOS of libxslt Service disruption in components (DoS) Vulnerabilities CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Attackers can exploit these issues to execute arbitrary code and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. libxslt is an XSLT (XML language for defining XML transformations) C library developed for the GNOME project
VAR-201704-0160 CVE-2016-8235 Lenovo Customer Care Software Development Kit Vulnerability in which privileges are elevated CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges. Lenovo CCSDK is prone to a local privilege-escalation vulnerability. Versions prior to CCSDK 2.0.16.3 are vulnerable
VAR-201711-0254 CVE-2017-2738 VCM5010 Authentication vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
VCM5010 with software versions before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP request. VCM5010 with software versions before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that are uploaded. An authenticated attacker could upload arbitrary files to the system. VCM5010 contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). VCM5010 is a video content management platform of China Huawei, which is an integrated video big data analysis device. Huawei VCM5010 is prone to the following security vulnerabilities: 1. A remote command injection vulnerability 2. An authentication bypass vulnerability. Attackers can exploit these issues to execute arbitrary commands, upload arbitrary files, or bypass the authentication mechanism and perform unauthorized actions. Other attacks may also be possible. Versions prior to VCM5010 V100R002C50SPC100 are vulnerable
VAR-201711-0252 CVE-2017-2736 VCM5010 Command injection vulnerability CVSS V2: 6.5
CVSS V3: 7.2
Severity: HIGH
VCM5010 with software versions before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user input. An authenticated attacker could launch a command injection attack. VCM5010 contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). VCM5010 is a video content management platform of China Huawei, which is an integrated video big data analysis device. Huawei VCM5010 is prone to the following security vulnerabilities: 1. An arbitrary file upload vulnerability 3. An authentication bypass vulnerability. Attackers can exploit these issues to execute arbitrary commands, upload arbitrary files, or bypass the authentication mechanism and perform unauthorized actions. Other attacks may also be possible. Versions prior to VCM5010 V100R002C50SPC100 are vulnerable
VAR-201711-0253 CVE-2017-2737 VCM5010 Vulnerable to unlimited upload of dangerous types of files CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
VCM5010 with software versions before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that are uploaded. An authenticated attacker could upload arbitrary files to the system. VCM5010 contains a vulnerability related to the unrestricted upload of dangerous file types. Information may be obtained or altered, and service operation may be disrupted (DoS). VCM5010 is a video content management platform of China Huawei, which is an integrated video big data analysis device. Huawei VCM5010 is prone to the following security vulnerabilities: 1. A remote command injection vulnerability 2. An authentication bypass vulnerability. Attackers can exploit these issues to execute arbitrary commands, upload arbitrary files, or bypass the authentication mechanism and perform unauthorized actions. Other attacks may also be possible. Versions prior to VCM5010 V100R002C50SPC100 are vulnerable
VAR-201705-3826 CVE-2017-9298 Hitachi Device Manager and Replication Manager Cross-Site Scripting Vulnerability CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. Hitachi Device Manager is a software that manages multiple Hitachi storage systems through a single console and provides a logical view function to coordinate storage assets with business applications. Replication Manager is a software for storage area management. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks
VAR-201711-0251 CVE-2017-2735 TIT-AL00 Vulnerability related to disclosure of dangerous methods and functions in smartphone software CVSS V2: 5.8
CVSS V3: 7.1
Severity: HIGH
TIT-AL00 smartphones with software versions before TIT-AL00C583B214 have an exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could trick the user into installing a malicious application to call the interface and modify the system properties. TIT-AL00 smartphone software contains a vulnerability related to the exposure of dangerous methods and functions. Information may be tampered with, and service operation may be disrupted (DoS). Huawei Enjoy 5 is a smartphone of China Huawei. There is a design flaw in versions of the Huawei mobile phone prior to TIT-AL00C583B214. Huawei TIT-AL00 is prone to a local security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. Versions prior to TIT-AL00 TIT-AL00C583B214 are vulnerable
VAR-201703-0101 CVE-2016-10306 Trango Altum AC600 Vulnerabilities related to the use of hard-coded credentials on devices

Related entries in the VARIoT exploits database: VAR-E-201703-1166
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. Trango Altum AC600 devices contain a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). The Trango Altum AC600 is an access point and client device for wireless Ethernet bridging applications and outdoor Wi-Fi/hotspot deployments from Trango Systems, USA. Trango Altum AC600 devices are prone to an insecure default-password vulnerability. This may aid in further attacks. All Trango Altum AC600 devices are vulnerable
VAR-201703-0102 CVE-2016-10307 plural Trango Vulnerabilities related to the use of hard-coded credentials in products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. Multiple Trango products contain a vulnerability related to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). Multiple Trango devices are prone to an insecure default-password vulnerability. Remote attackers with knowledge of the default credentials may exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Prologix Trango Apex Lynx, etc. are all products of the UAE company Prologix. Apex Lynx is an outdoor microwave backhaul system. Apex Orion is a full-duplex point-to-point radio link for use in Apex Lynx. A security vulnerability exists in several Prologix Trango products. The following products and versions are affected: Prologix Trango Apex Lynx Version 2.0, Apex Orion Version 2.0, Giga Lynx Version 2.0, Giga Orion Version 2.0, StrataLink Version 3.0
VAR-201703-0103 CVE-2016-10308 Siklu EtherHaul Vulnerabilities related to the use of hard-coded authentication information in radios CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the device, allowing full control over it. Siklu EtherHaul radios are vulnerable to the use of hard-coded credentials. Information may be obtained or altered, and service operation may be disrupted (DoS). WirelessGear Siklu EtherHaul radios is a set of radio equipment for commercial services of WirelessGear Corporation of the United States. A security vulnerability exists in WirelessGear Siklu EtherHaul radios in versions prior to 3.7.1 and in 6.x prior to 6.9.0. The vulnerability is due to the fact that the passwords used by all devices cannot be changed. Siklu EtherHaul radios are prone to an insecure default-password vulnerability. This may aid in further attacks
VAR-201703-0741 CVE-2017-5671 plural Honeywell Intermec In industrial printers BusyBox Vulnerability to be jailbreaked CVSS V2: 7.2
CVSS V3: 8.8
Severity: HIGH
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file. Honeywell Intermec PM23 and others are printers of Honeywell International. A security vulnerability exists in Honeywell Intermec printer versions prior to 10.11.013310 and 10.12.x prior to 10.12.013309. A local attacker can exploit this vulnerability to carry out a BusyBox jailbreak attack and gain root privileges. Honeywell Intermec Industrial Printers are prone to a local privilege-escalation vulnerability. The following products are affected: Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, PC42
VAR-201705-3936 CVE-2017-7296 Contiki Operating System Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
An issue was discovered in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka mqtt.html) of cc26xx-web-demo. The cc26xx-web-demo features a webserver that runs on a constrained device. That particular page allows a user to remotely configure that device's operation by sending HTTP POST requests. The vulnerability consists of improper input sanitisation of the text fields on the MQTT/IBM Cloud config page, allowing for JavaScript code injection. Contiki Operating System contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Contiki is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. Contiki 3.0 is vulnerable; other versions may also be affected
VAR-201705-3935 CVE-2017-7295 Contiki Operating System Uses freed memory vulnerability CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An issue was discovered in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output processing function. This resulted in a board crash, which can be used to perform denial of service. Contiki Operating System contains a use-after-free vulnerability. Service operation may be disrupted (DoS)
VAR-201703-0643 CVE-2017-2686 Siemens RUGGEDCOM ROX I Arbitrary File Read Vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information. Siemens RuggedCom's ROX-based firewall devices are used to connect devices in harsh environments such as substations, traffic management chassis, and more. Siemens RUGGEDCOM ROX I is prone to the following security vulnerabilities: 1. An HTML-injection vulnerability 2. A cross-site scripting vulnerability 3. An information-disclosure vulnerability 4. An authorization-bypass vulnerability 5. A cross-site request-forgery vulnerability. An attacker may leverage these issues to execute HTML and script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, perform certain unauthorized actions, gain unauthorized access, or bypass certain security restrictions
VAR-201703-0644 CVE-2017-2687 Siemens RUGGEDCOM ROX I Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability in the integrated web server at port 10000/TCP which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link. Siemens RuggedCom's ROX-based firewall devices are used to connect devices in harsh environments such as substations, traffic management chassis, and more. Siemens RUGGEDCOM ROX I is prone to the following security vulnerabilities: 1. An HTML-injection vulnerability 2. An information-disclosure vulnerability 4. An authorization-bypass vulnerability 5. A cross-site request-forgery vulnerability. An attacker may leverage these issues to execute HTML and script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, perform certain unauthorized actions, gain unauthorized access, or bypass certain security restrictions
VAR-201703-0645 CVE-2017-2688 Siemens RUGGEDCOM ROX I Port 10000/TCP Integration Web Server cross-site request forgery vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF. Siemens RuggedCom's ROX-based firewall devices are used to connect devices in harsh environments such as substations, traffic management chassis, and more. Siemens RUGGEDCOM ROX I has a privilege escalation vulnerability. Siemens RUGGEDCOM ROX I is prone to the following security vulnerabilities: 1. A cross-site request-forgery vulnerability. An attacker may leverage these issues to execute HTML and script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, perform certain unauthorized actions, gain unauthorized access, or bypass certain security restrictions
VAR-201703-0646 CVE-2017-2689 Siemens RUGGEDCOM ROX I Security Bypass Vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings. Siemens RuggedCom's ROX-based firewall devices are used to connect devices in harsh environments such as substations, traffic management chassis, and more. Siemens RUGGEDCOM ROX I is prone to the following security vulnerabilities: 1. An HTML-injection vulnerability 2. A cross-site scripting vulnerability 3. An information-disclosure vulnerability 4. An authorization-bypass vulnerability 5. A cross-site request-forgery vulnerability. An attacker may leverage these issues to execute HTML and script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, perform certain unauthorized actions, gain unauthorized access, or bypass certain security restrictions
VAR-201708-1453 CVE-2017-7278 ASSA ABLOY APTUS Styra Porttelefonkort 4400 Vulnerability in CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors. ASSA ABLOY APTUS Styra Porttelefonkort 4400 has unspecified vulnerabilities. Information may be obtained or altered, and service operation may be disrupted (DoS). ASSA ABLOY APTUS Styra Porttelefonkort is a door lock unit communication card product of ASSA ABLOY Group in Sweden. A security vulnerability exists in ASSA ABLOY APTUS Styra Porttelefonkort. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements
VAR-201703-1386 No CVE D-Link DSL-2640B DNS Authentication Bypass Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The D-Link DSL-2640B is a router device. The D-Link DSL-2640B DNS has an authentication bypass vulnerability that exists in the web interface and allows an attacker to bypass authentication for unauthorized access.