VARIoT IoT vulnerabilities database

VAR-202401-0494 | CVE-2023-50991 | Classic buffer overflow vulnerability in Shenzhen Tenda Technology Co.,Ltd. i29 firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Buffer overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2 allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function. Shenzhen Tenda Technology Co.,Ltd. i29 firmware has a classic buffer overflow vulnerability. Service operation may be interrupted (DoS).
Tenda i29 has a buffer overflow vulnerability. This vulnerability is caused by the pingSet function failing to correctly verify the length of the input data in the pingIp parameter.
VAR-202401-0491 | CVE-2023-51812 | Tenda AX3 code execution vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList. Tenda AX3 is an AX1800 Gigabit port dual-band Wi-Fi 6 wireless router from China's Tenda Company.
VAR-202401-1280 | CVE-2023-32891 | Out-of-bounds write vulnerability in products from multiple vendors such as Google Android |
CVSS V2: - CVSS V3: 6.7 Severity: MEDIUM |
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. Products from multiple vendors, such as Google Android, contain out-of-bounds write vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-1198 | CVE-2023-32890 | Input validation vulnerability in multiple MediaTek products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). A number of MediaTek products, including LR13, NR15 and NR16, contain vulnerabilities related to input validation. Service operation may be interrupted (DoS).
VAR-202401-1234 | CVE-2023-32888 | Out-of-bounds write vulnerability in multiple MediaTek products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). MediaTek's NR15, NR16 and NR17 contain an out-of-bounds write vulnerability. Service operation may be interrupted (DoS).
VAR-202401-1212 | CVE-2023-32887 | Buffer error vulnerability in multiple MediaTek products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). MediaTek's NR15, NR16 and NR17 contain a buffer error vulnerability and an out-of-bounds write vulnerability. Service operation may be interrupted (DoS).
VAR-202401-1179 | CVE-2023-32886 | Out-of-bounds write vulnerability in multiple MediaTek products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. MediaTek's NR15, NR16 and NR17 contain an out-of-bounds write vulnerability. Service operation may be interrupted (DoS).
VAR-202401-1328 | CVE-2023-32874 | Out-of-bounds write vulnerability in multiple MediaTek products |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893). A number of MediaTek products, including LR13, NR15 and NR16, contain out-of-bounds write vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-0655 | CVE-2023-33030 | Out-of-bounds write vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption in HLOS while running playready use-case. Several Qualcomm products, such as 315 5G IoT modem firmware, 9205 LTE modem firmware and 9206 LTE modem firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-0433 | CVE-2023-33033 | Out-of-bounds write vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption in Audio during playback with speaker protection. Several Qualcomm products, such as 315 5G IoT modem firmware, 9205 LTE modem firmware and 9206 LTE modem firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-0564 | CVE-2023-48418 | Vulnerabilities in Google Pixel Watch firmware |
CVSS V2: 7.2 CVSS V3: 10.0 Severity: CRITICAL |
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Google Pixel Watch firmware contains unspecified vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Google Pixel Watch is a smart watch made by the American company Google.
Google Pixel Watch privilege escalation vulnerability. This vulnerability is due to an unsafe default value flaw in the checkDebuggingDisabled function in DeviceVersionFragment.java. An attacker can use this vulnerability to obtain elevated privileges.
VAR-202401-0701 | CVE-2023-48419 | Vulnerabilities in multiple Google products |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege. Google products such as Nest Audio firmware, Nest Mini firmware and Home Mini firmware contain unspecified vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-0651 | CVE-2023-43511 | Infinite loop vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. Multiple Qualcomm products, including 315 5G IoT modem firmware, 9206 LTE modem firmware and APQ8017 firmware, contain vulnerabilities related to infinite loops. Service operation may be interrupted (DoS).
VAR-202401-0144 | CVE-2023-33120 | Use of freed memory vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Memory corruption in Audio when memory map command is executed consecutively in ADSP. Multiple Qualcomm products, such as 315 5G IoT modem firmware, 9206 LTE modem firmware and APQ8017 firmware, contain vulnerabilities related to use of freed memory. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202401-0254 | CVE-2023-4164 | Vulnerability regarding lack of authentication in Google Android |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed. Google Android contains a vulnerability related to the lack of authentication. Information may be obtained. Google Pixel Watch is a smart watch made by the American company Google.
Google Pixel Watch has an information disclosure vulnerability that allows attackers to obtain sensitive information.
VAR-202401-2674 | No CVE | Beijing StarNet Ruijie Network Technology Co., Ltd. EG2000GE has a command execution vulnerability (CNVD-2023-99966) |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000GE is a router product.
There is a command execution vulnerability in the EG2000GE of Beijing StarNet Ruijie Network Technology Co., Ltd. An attacker can use this vulnerability to gain control of the server.
VAR-202401-2673 | No CVE | There is a command execution vulnerability in EG2000GE of Beijing StarNet Ruijie Network Technology Co., Ltd. |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000GE is a router product.
There is a command execution vulnerability in the EG2000GE of Beijing StarNet Ruijie Network Technology Co., Ltd. An attacker can use this vulnerability to gain control of the server.
VAR-202312-2529 | CVE-2023-50651 | OS command injection vulnerability in TOTOLINK x6000r firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi. TOTOLINK x6000r firmware contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. The vulnerability is caused by the failure of the component /cgi-bin/cstecgi.cgi to correctly filter special characters, commands, etc. in the constructed command.
VAR-202312-2654 | CVE-2023-51136 | Out-of-bounds write vulnerability in TOTOLINK x2000r firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. TOTOLINK x2000r firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK X2000R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK X2000R has a buffer overflow vulnerability. The vulnerability is caused by the function formRebootSchedule failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202312-2564 | CVE-2023-51135 | Out-of-bounds write vulnerability in TOTOLINK x2000r firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. TOTOLINK x2000r firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK X2000R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK X2000R has a buffer overflow vulnerability. The vulnerability is caused by the function formPasswordSetup failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.