VARIoT IoT vulnerabilities database

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device. Siemens' simatic cn 4100 contains a vulnerability related to the use of default credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC CN 4100 is a communication node that can connect to third-party systems

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition. Siemens' simatic cn 4100 Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. SIMATIC CN 4100 is a communication node that can connect to third-party systems. Siemens SIMATIC CN 4100 has an input validation error vulnerability that can be exploited by attackers to cause a denial of service

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up. SIMATIC CN 4100 is a communication node that can connect to third-party systems

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access. Spectrum Power 7 provides the basic components of SCADA, communication and data modeling for control and monitoring systems. Application suites can be added to optimize network and power generation management in all energy management areas

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup. The SICAM A8000 rtu (remote terminal unit) series is a modular device family for telecontrol and automation applications in all energy supply sectors

Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. Tenda A18 is an AC1200 dual-band Wi-Fi repeater from China's Tenda Company. Tenda A18 v15.13.07.09 version has a buffer overflow vulnerability. This vulnerability is caused by the devName parameter in the formSetDeviceName function failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of Service attacks

An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings. TRENDnet TV-IP1314PI is a wireless network camera from the American Trend Network (TRENDnet) company. TRENDnet TV-IP1314PI has a command injection vulnerability. An attacker can use this vulnerability to cause command injection

A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci. TRENDnet TV-IP1314PI is a wireless network camera from the American Trend Network (TRENDnet) company. TRENDnet TV-IP1314PI has a buffer overflow vulnerability

A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from the Chinese company Zeon Electronics (TOTOLINK). Designed to provide fast and easy deployment of NR fixed data services to homes and offices. Totolink NR1800X version 9.1.0u.6279_B20210910 has a buffer overflow vulnerability. The vulnerability originates from the failure of the function loginAuth in the file /cgi-bin/cstecgi.cgi to correctly verify the length of the input data. A remote attacker can exploit this vulnerability on the system. Execute arbitrary code or cause a denial of service attack

A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK N350RT is a small home router from China's Zeon Electronics (TOTOLINK) company. A remote attacker can exploit this vulnerability on the system. Execute arbitrary code or cause a denial of service attack

Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality. SAP of SAP NetWeaver Exists in unspecified vulnerabilities.Information may be obtained

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.

A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-249852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of n350rt A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N350RT is a small home router from China's Zeon Electronics (TOTOLINK) company. This vulnerability originates from the failure of the password parameter of the loginAuth function in the /cgi-bin/cstecgi.cgi page to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system. or result in a denial of service attack

A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249862 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of N200RE The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N200RE is a router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK N200RE 9.3.5u.6139_B20201216 version has an operating system command injection vulnerability. The vulnerability originates from the failure of the host_time parameter of the NTPSyncWithHost function of the /cgi-bin/cstecgi.cgi page to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of N200RE The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249864. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of N200RE The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249863. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of N200RE The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249769 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of n350rt An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N350RT is a small home router produced by China's TOTOLINK Electronics Company. The vulnerability is caused by the fact that the parameter v33 of the function main in /cgi-bin/cstecgi.cgi?action=login&flag=1 fails to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service attack

A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v8 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249770 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of n350rt An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK N350RT is a small home router from China's Zeon Electronics (TOTOLINK) company. TOTOLINK N350RT version 9.3.5u.6139_B20201216 has a buffer overflow vulnerability. The vulnerability originates from the failure of the parameter v8 of the main function in the file /cgi-bin/cstecgi.cgi?action=login to correctly verify the length of the input data. A remote attacker This vulnerability can be exploited to execute arbitrary code on the system or cause a denial of service attack

A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of x2000r An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK X2000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack