VARIoT IoT vulnerabilities database

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. TOTOLINK of CP900L Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. No detailed vulnerability details are currently provided

A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger these vulnerability.This CVE tracks the heap corruption that occurs at offset `0xb686c` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations. P3-550E firmware, P3-550 firmware, P3-530 firmware etc. AutomationDirect The product contains a vulnerability related to out-of-bounds writes.Information is tampered with and service operation is interrupted (DoS) It may be in a state. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc., USA

A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger this vulnerability. P3-550E firmware, P3-550 firmware, P3-530 firmware etc. AutomationDirect There are unspecified vulnerabilities in the product.Information may be obtained. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc. of the United States

A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this vulnerability. P3-550E firmware, P3-550 firmware, P3-530 firmware etc. AutomationDirect There are unspecified vulnerabilities in the product.Information is tampered with and service operation is interrupted (DoS) It may be in a state. AutomationDirect P3-550E is a programmable control system (PLC) of AutomationDirect, Inc. of the United States

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules. TOTOLINK of CP900L Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L has a stack buffer overflow vulnerability. The vulnerability is caused by the desc parameter of the SetPortForwardRules function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth. TOTOLINK of CP900L A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. There is a buffer overflow vulnerability in the TOTOLINK CP900L v4.1.5cu.798_B20221228 version. The vulnerability is caused by the password parameter of the loginAuth function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. TOTOLINK of CP900L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L v4.1.5cu.798_B20221228 has a stack overflow vulnerability. The vulnerability is caused by the failure of the desc parameter in the function setMacFilterRules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of CP900L Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics

HP DesignJet T730 is a printer. HP DesignJet T730 of HP Trading (Shanghai) Co., Ltd. has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode. TOTOLINK of nr1800x A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. It is designed to provide fast and convenient NR fixed data service deployment for homes and offices. TOTOLINK NR1800X v9.1.0u.6681_B20230703 version has a buffer overflow vulnerability. The vulnerability is caused by the password parameter in the urldecode function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. TOTOLINK of lr350 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK LR350 is a wireless router produced by China's TOTOLINK Electronics. TOTOLINK LR350 has a buffer overflow vulnerability. The vulnerability is caused by the http_host parameter in the loginAuth function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root. TOTOLINK of CP900L A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L has a hard-coded password vulnerability, which is caused by the hard-coded password in /web_cste/cgi-bin/product.ini

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. TOTOLINK of CP900L A vulnerability exists in the firmware related to the use of hardcoded passwords.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900L is a wireless router from China's TOTOLINK Electronics. TOTOLINK CP900L has a hard-coded password vulnerability, which is caused by the inclusion of a hard-coded password in /etc/shadow.sample

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand. Shenzhen Tenda Technology Co.,Ltd. of fh1206 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the cmdinput parameter of ip/goform/formexeCommand failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to execute arbitrary commands on the system

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac. Shenzhen Tenda Technology Co.,Ltd. of fh1206 A code injection vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to execute arbitrary commands

D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21294. D-Link Systems, Inc. of G416 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link G416 is a wireless router from D-Link, a Chinese company. D-Link G416 has a code execution vulnerability, which is caused by the application failing to properly filter special elements in the constructed code segment

D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi program, which handles HNAP requests made to the lighttpd webserver listening on ports 80 and 443. The issue results from the lack of proper memory management when processing HTTP cookie values. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-21668. D-Link Systems, Inc. of DIR-3040 A vulnerability exists in firmware related to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. D-Link DIR-3040 is a router of D-Link, a Chinese company. It provides the function of connecting to the network. The vulnerability is caused by not releasing or failing to release dynamically allocated heap memory

D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within prog.cgi, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21853. D-Link Systems, Inc. (DoS) It may be in a state. D-Link DIR-2640 is a high-power Wi-Fi router from D-Link, a Chinese company. D-Link DIR-2640 has a buffer overflow vulnerability. The vulnerability is caused by the program failing to properly verify the length of the input data

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21235. D-Link Systems, Inc. of DIR-2150 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-2150 is a wireless router from D-Link, a Chinese company. D-Link DIR-2150 has a code execution vulnerability, which is caused by the application failing to properly filter special elements in the constructed code segment

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265833 was assigned to this vulnerability. ARRIS Group of ARRIS VAP2500 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state