VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202410-3480 CVE-2024-48271 D-Link Systems, Inc.  of  dsl6740c  Weak password requirement vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the device via a bruteforce attack. D-Link Systems, Inc. of dsl6740c A weak password requirement vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-2653 CVE-2024-51258 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3436 CVE-2024-51301 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the packet_monitor function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3317 CVE-2024-51300 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the get_rrd function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3568 CVE-2024-51299 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the dumpSyslog function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-2536 CVE-2024-51298 DrayTek Corporation  of  Vigor3900  Code injection vulnerability in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doGRETunnel function. DrayTek Corporation of Vigor3900 A code injection vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3318 CVE-2024-51296 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the pingtrace function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3569 CVE-2024-51257 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doCertificate function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-2755 CVE-2024-51304 DrayTek Corporation  of  Vigor3900  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ldap_search_dn function. DrayTek Corporation of Vigor3900 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-3268 CVE-2024-22066 plural  ZTE  In the product  Capture-replay  Authentication Bypass Vulnerability CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device. ZXR10 1800-2S firmware, zxr10 2800-4 firmware, zxr10 3800-8 firmware etc. ZTE The product has Capture-replay An authentication bypass vulnerability exists.Information may be obtained
VAR-202410-2938 CVE-2024-45656 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP.
VAR-202410-2677 CVE-2024-48826 Shenzhen Tenda Technology Co.,Ltd.  of  AC7  in the firmware  OS  Command injection vulnerability CVSS V2: 7.7
CVSS V3: 8.8
Severity: HIGH
Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. Shenzhen Tenda Technology Co.,Ltd. of AC7 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC7 has a command injection vulnerability, which is caused by ate_iwpriv_set failing to properly filter special characters and commands in constructing commands
VAR-202410-3361 CVE-2024-48825 Shenzhen Tenda Technology Co.,Ltd.  of  AC7  in the firmware  OS  Command injection vulnerability CVSS V2: 7.7
CVSS V3: 8.8
Severity: HIGH
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. Shenzhen Tenda Technology Co.,Ltd. of AC7 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC7 has a command injection vulnerability, which is caused by ate_ifconfig_set failing to properly filter special characters and commands in constructing commands
VAR-202410-3028 CVE-2024-48074 DrayTek Corporation  of  Vigor2960  in the firmware  OS  Command injection vulnerability CVSS V2: -
CVSS V3: 8.0
Severity: HIGH
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function. DrayTek Corporation of Vigor2960 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202410-1948 CVE-2024-10434 Shenzhen Tenda Technology Co.,Ltd.  of  ac1206  Out-of-bounds write vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. of ac1206 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter arg of the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 in the file /goform/ate failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202410-3651 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2500D-E has a command execution vulnerability (CNVD-2024-45058) CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
‌NBR2500D-E is a community smart router launched by Ruijie Networks, mainly used in scenarios such as corporate Internet cafes. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2500D-E has a command execution vulnerability, which can be exploited by attackers to gain control of the server.
VAR-202410-3611 CVE-2024-48459 Tenda AX2 Pro Operating System Command Injection Vulnerability CVSS V2: 7.7
CVSS V3: 7.3
Severity: HIGH
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda Technology Co., Ltd. (Jixiang Tenda) v.DI_7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An attacker can exploit this vulnerability by constructing a malicious payload to execute commands and further obtain shell access to the router's file system with the highest privileges
VAR-202410-2617 CVE-2024-10387 Rockwell Automation  of  thinmanager  Vulnerability in CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in Denial-of-Service. Rockwell Automation of thinmanager Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA. It allows thin clients to be assigned to multiple remote desktop servers at the same time. Rockwell Automation ThinManager has a denial of service vulnerability
VAR-202410-3402 CVE-2024-10386 Rockwell Automation  of  thinmanager  Vulnerability in CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation. Rockwell Automation of thinmanager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, USA. It allows thin clients to be assigned to multiple remote desktop servers at the same time
VAR-202410-3624 CVE-2024-47041 Google  of  Android  Out-of-bounds read vulnerability in CVSS V2: 9.0
CVSS V3: 7.8
Severity: HIGH
In valid_address of syscall.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Google of Android Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smartphone produced by Google in the United States. Google Pixel has a buffer overflow vulnerability, which is caused by incorrect boundary checking in valid_address of syscall.c. Attackers can exploit this vulnerability to cause out-of-bounds reading