VARIoT IoT vulnerabilities database

A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250705 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda of PA6 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda PA6 Wi-Fi Powerline extender is a wireless network range extender from the Chinese company Tenda. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause Denial of service attack

A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250704. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the mac parameter of the /goform/SetOnlineDevName file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250703. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the devName parameter of the /goform/SetOnlineDevName file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the wpapsk_crypto2_4g parameter of the /goform/WifiExtraSet file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of A15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the deviceList parameter of the /goform/setBlackRule file failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface. TOTOLINK EX1800T is a Wi-Fi range extender from China's Zeon Electronics (TOTOLINK) company. An attacker could exploit this vulnerability to execute arbitrary commands on the system

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function. TOTOLINK A3300R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. D-Link DIR-822 is a wireless router made by China D-Link Company. D-Link DIR-822+ V1.0.2 version has an access control error vulnerability

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell. D-Link Electronic Equipment (Shanghai) Co., Ltd. DIR-822 is a wireless router made by China D-Link Company. There is a command injection vulnerability in the DIR-822+ V1.0.2 version of D-X Electronic Equipment (Shanghai) Co., Ltd. The vulnerability is caused by the SetStaticRouteSettings function failing to correctly filter special characters, commands, etc. in the constructed command

TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function. TOTOLINK EX1200T is a Wi-Fi range extender from China's Zeon Electronics (TOTOLINK) company. TOTOLINK EX1200T V4.1.2cu.5232_B20210713 version has a command injection vulnerability. This vulnerability is caused by the failure of the main method to correctly filter special characters, commands, etc. in the constructed command

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a command injection vulnerability in the TOTOLINK A3700R v9.1.2u.5822_B20200513 version. The vulnerability is caused by the UploadFirmwareFile method failing to correctly filter special characters, commands, etc. in the constructed command

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK A3700R v9.1.2u.5822_B20200513 version has a command injection vulnerability. This vulnerability is caused by the setOpModeCfg method failing to correctly filter special characters, commands, etc. in the constructed command

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK A3700R v9.1.2u.5822_B20200513 version has a command injection vulnerability. The vulnerability is caused by the setDiagnosisCfg method failing to correctly filter special characters, commands, etc. in the constructed command

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a command injection vulnerability in the TOTOLINK A3700R v9.1.2u.5822_B20200513 version. The vulnerability is caused by the setTracerouteCfg method failing to correctly filter special characters, commands, etc. in the constructed command

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. TOTOLINK A3700R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. There is a command injection vulnerability in the TOTOLINK A3700R v9.1.2u.5822_B20200513 version. The vulnerability is caused by the failure of the NTPSyncWithHost method to correctly filter special characters, commands, etc. in the constructed command