VARIoT IoT vulnerabilities database
| VAR-202406-2575 | CVE-2024-38895 | WAVLINK WL-WN551K1 firmware vulnerability regarding disclosure of important information from data queries |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
WAVLINK WN551K1's live_mfg.shtml enables attackers to obtain sensitive router information. The WAVLINK WL-WN551K1 firmware contains a vulnerability that could lead to the disclosure of sensitive information through data queries. Information may be obtained. WAVLINK WN551K1 is a wireless router from WAVLINK, a Chinese company.
WAVLINK WN551K1 has an information leakage vulnerability. The vulnerability is caused by improper authorization in the live_mfg.shtml interface.
| VAR-202406-1781 | CVE-2024-38894 | Command injection vulnerability in WAVLINK WL-WN551K1 firmware |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
WAVLINK WN551K1 was found to contain a command injection vulnerability via the IP parameter of /cgi-bin/touchlist_sync.cgi. WAVLINK WN551K1 is a wireless router from WAVLINK, a Chinese company. No further vulnerability details are currently available.
| VAR-202406-1782 | CVE-2024-38892 | WAVLINK WL-WN551K1 firmware vulnerability regarding disclosure of important information from data queries |
CVSS V2: 6.1 CVSS V3: 6.5 Severity: MEDIUM |
An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. The WAVLINK WL-WN551K1 firmware contains a vulnerability that could lead to the disclosure of sensitive information through data queries. Information may be obtained. WAVLINK WN551K1 is a wireless router from WAVLINK, a Chinese company.
WAVLINK WN551K1 has an information leakage vulnerability.
| VAR-202406-2036 | CVE-2024-33278 | ASUS RT-AX88U Buffer Overflow Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Buffer overflow vulnerability in ASUS router RT-AX88U with firmware version v3.0.0.4.388_24198 allows a remote attacker to execute arbitrary code via the connection_state_machine due to improper length validation for the cookie field. ASUS RT-AX88U is a wireless router from ASUS, a Chinese company.
ASUS RT-AX88U v3.0.0.4.388_24198 has a buffer overflow vulnerability, which is caused by a boundary error when the application processes untrusted input.
| VAR-202406-1502 | CVE-2024-3036 |
CVSS V2: - CVSS V3: 5.7 Severity: Medium |
Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.
| VAR-202406-2739 | No CVE | Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-UAC 6000-E20C has a command execution vulnerability (CNVD-2024-24567) |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
RG-UAC 6000-E20C is an Internet behavior management and auditing product.
RG-UAC 6000-E20C of Beijing Xingwang Ruijie Network Technology Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to obtain server permissions.
| VAR-202406-1372 | No CVE | Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6210-E has a command execution vulnerability (CNVD-2024-24564) |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Beijing StarNet Ruijie Network Technology Co., Ltd. NBR6210-E is a router product.
Beijing StarNet Ruijie Network Technology Co., Ltd. NBR6210-E has a command execution vulnerability, which can be exploited by attackers to gain control of the server.
| VAR-202406-0928 | CVE-2024-23972 | Classic buffer overflow vulnerability in Sony Corporation XAV-AX5500 firmware |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the USB host driver. A crafted USB configuration descriptor can trigger an overflow of a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device.
Was ZDI-CAN-23185. Sony Corporation's XAV-AX5500 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). SONY XAV-AX5500 is a 7-inch in-vehicle central control device with multiple functions and advanced technical features.
| VAR-202406-0828 | CVE-2024-23934 | (Pwn2Own) Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: HIGH |
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of WMV/ASF files. A crafted Extended Content Description Object in a WMV media file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-22994. SONY XAV-AX5500 is a 7-inch in-vehicle central control device with multiple functions and advanced technical features.
| VAR-202406-0827 | CVE-2024-23933 | (Pwn2Own) Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.
Was ZDI-CAN-23238. SONY XAV-AX5500 is a 7-inch in-vehicle central control device with multiple functions and advanced technical features.
| VAR-202406-0826 | CVE-2024-23922 | Insufficient validation of data authenticity vulnerability in Sony Corporation XAV-AX5500 firmware |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of software updates. The issue results from the lack of proper validation of software update packages. An attacker can leverage this vulnerability to execute code in the context of the device.
Was ZDI-CAN-22939. A denial-of-service (DoS) condition may result. SONY XAV-AX5500 is a 7-inch in-vehicle central control device with multiple functions and advanced technical features.
| VAR-202406-2188 | CVE-2024-37626 | OS command injection vulnerability in TOTOLINK A6000R firmware |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function. The TOTOLINK A6000R firmware has an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A6000R is a wireless router from China's TOTOLINK Electronics. No further vulnerability details are currently available.
| VAR-202406-0720 | CVE-2024-6189 | Out-of-bounds write vulnerability in Tenda A301 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. An out-of-bounds write vulnerability exists in Tenda A301 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202406-0749 | CVE-2023-25646 | Improper permission retention vulnerability in ZTE ZXHN H388X firmware |
CVSS V2: 6.8 CVSS V3: 7.1 Severity: HIGH |
There is an unauthorized access vulnerability in ZTE H388X. If the H388X serial port is cracked by brute force, attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations. A vulnerability related to improperly preserving permissions exists in the ZTE ZXHN H388X firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). ZTE ZXHN H388X is a router produced by ZTE.
| VAR-202406-1806 | CVE-2024-37661 | Same-origin policy violation vulnerability in TP-LINK Technologies TL-7DR5130 firmware |
CVSS V2: 6.7 CVSS V3: 6.3 Severity: MEDIUM |
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages. The TP-LINK Technologies TL-7DR5130 firmware contains a vulnerability related to violation of the same-origin policy. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TP-Link TL-7DR5130 is a wireless router from China's TP-LINK company.
| VAR-202406-0975 | CVE-2024-6047 | OS command injection vulnerability in multiple GeoVision products |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Multiple GeoVision products, including gv-dsp lpr firmware, GV_IPCAMD_GV_BX130 firmware and GV_IPCAMD_GV_BX1500 firmware, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202406-1440 | CVE-2024-37369 | Improper permission assignment for critical resources vulnerability in Rockwell Automation FactoryTalk View |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. Rockwell Automation FactoryTalk View contains a vulnerability involving improper permission assignment for critical resources. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation of the United States.
| VAR-202406-2600 | CVE-2024-37645 | Stack-based buffer overflow vulnerability in TRENDnet TEW-814DAP firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog. A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-814DAP firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The TRENDnet TEW-814DAP is a wireless access point from the US company TRENDnet. This vulnerability stems from the failure to properly validate the length of input data in the submit-url parameter at /formSysLog.
| VAR-202406-1234 | CVE-2024-37643 | Stack-based buffer overflow vulnerability in TRENDnet TEW-814DAP firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth. A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-814DAP firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The TRENDnet TEW-814DAP is a wireless access point from the US company TRENDnet. This vulnerability stems from the failure to properly validate the length of input data in the submit-url parameter at /formPasswordAuth.
| VAR-202406-1621 | CVE-2024-37368 | Vulnerability regarding lack of authentication for critical features in Rockwell Automation FactoryTalk View |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification.