VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201411-0549 No CVE Multiple D-Link Products WPS-PIN Information Disclosure Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
D-Link DIR-655, D-Link DIR-628 and D-Link DIR-615 are D-Link wireless router products. An information disclosure vulnerability exists in several D-Link products. An attacker could use this vulnerability to obtain sensitive information and gain unauthorized access to the device. The following products and versions are affected: D-Link DIR-655 0, D-Link DIR-628 0, D-Link DIR-615 4.13B01, D-Link DIR-615 0. Successfully exploiting this issue may lead to further attacks
VAR-201410-1422 No CVE ZTE ZXDSL 531BII 'ntwksum2.cgi' HTML Injection Vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
ZTE ZXDSL is an ADSL device. ZTE ZXDSL 531BII is a wireless cat router product of China ZTE Corporation. There is an HTML injection vulnerability in ZTE ZXDSL 531BII, which originates from the program's insufficient filtering of input submitted by users. When a user browses an affected website, their browser executes arbitrary script code provided by the attacker. This could lead to attackers stealing cookie-based authentication and launching other attacks. Vulnerabilities exist in ZXDSL 531BII using V7.3.0f_D09_IN firmware, other versions may also be affected
VAR-201411-0433 CVE-2014-8243 Linksys SMART WiFi firmware contains multiple vulnerabilities CVSS V2: 3.3
CVSS V3: -
Severity: LOW
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI. In addition, JVNVU#96488651 Then CWE-320 It is published as CWE-320: Key Management Errors https://cwe.mitre.org/data/definitions/320.htmlBy a third party /.htpasswd URI Via a direct request to MD5 A password hash may be obtained. This may aid in further attacks
VAR-201410-0764 CVE-2014-2336 Fortinet FortiManager and FortiAnalyzer of Web User Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335. FortiManager and FortiAnalyzer are prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to FortiManager and FortiAnalyzer 5.0.7 are vulnerable. Both Fortinet FortiManager and FortiAnalyzer are products of Fortinet. Fortinet FortiManager is a centralized network security management solution. FortiAnalyzer is a centralized network security reporting solution
VAR-201411-0434 CVE-2014-8244 Linksys SMART WiFi firmware contains multiple vulnerabilities CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request. Linksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities. This may aid in further attacks
VAR-201411-0419 CVE-2014-5417 LANTIME M-Series Runs on the device Meinberg NTP Server firmware cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: HIGH
Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmware on LANTIME M-Series devices 6.15.019 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. LANTIME M-Series servers are prone to an unspecified cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. LANTIME M-Series 6.15.019 and prior are vulnerable. Meinberg Radio Clocks LANTIME M-Series Servers is an NTP server (computer time synchronization) product of the LANTIME M series of Meinberg Radio Clocks in Germany
VAR-201411-0282 CVE-2014-7875 HP LaserJet CM3530 Multifunction Printer CC519A and CC520A Vulnerability in which important information is obtained in the firmware of CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. (DoS) There is a possibility of being put into a state. HP FutureSmart LaserJet Printers are laser printer devices from Hewlett Packard. An attacker could exploit this vulnerability for a denial of service attack. Exploiting this issue allows remote attackers to gain unauthorized access and trigger denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04483249 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04483249 Version: 1 HPSBPI03147 rev.1 - Certain HP Color LaserJet Printers, Remote Unauthorized Access, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. References: CVE-2014-7875 SSRT101766 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of impacted products. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-7875 (AV:N/AC:L/Au:N/C:P/I:P/A:C) 9.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided firmware updates for impacted printers as set forth in the table below. To obtain the updated firmware, go to www.hp.com and follow these steps: Select "Drivers & Software". - Enter the appropriate product name listed in the table below into the search field. - Click on "Search". - Click on the appropriate product. - Under "Select operating system" click on "Cross operating system (BIOS, Firmware, Diagnostics, etc.)" Note: If the "Cross operating system ..." link is not present, select applicable Windows operating system from the list. - Select the appropriate firmware update under "Firmware". Product Name Model Number Firmware Revision HP LaserJet CM3530 Multifunction Printer CC519A, CC520A v.53.236.2 or a more recent version HISTORY Version:1 (rev.1) - 30 October 2014 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iEYEARECAAYFAlRSbX8ACgkQ4B86/C0qfVkesACg1VzlkbeG5YbyfurS9Iv+EImB vSoAn3rU58PQ7zdH5mChpMRO5LkdNy8T =qSxc -----END PGP SIGNATURE-----
VAR-201410-0763 CVE-2014-2335 Fortinet FortiManager of Web User Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336. FortiManager and FortiAnalyzer are prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to FortiManager and FortiAnalyzer 5.0.7 are vulnerable. Fortinet FortiManager is a centralized network security management platform developed by Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOMs) to further simplify multi-device security deployment and management
VAR-201410-0992 CVE-2014-3366 Cisco Unified Communications Manager Management Web In the interface SQL Injection vulnerability CVSS V2: 6.5
CVSS V3: -
Severity: MEDIUM
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089. An authenticated attacker can leverage this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is tracked by Cisco Bug ID CSCup88089. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution
VAR-201410-0996 CVE-2014-3372 Cisco Unified Communications Manager Server CCM reports Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuq90589. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. The vulnerability stems from the fact that the program does not correctly verify the parameters passed by the HTTP GET and POST methods. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML
VAR-201410-0997 CVE-2014-3373 Cisco Unified Communications Manager Server CCM Dialed Number Analyzer Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550. Vendors have confirmed this vulnerability Bug ID CSCup92550 It is released as.By any third party through unspecified parameters Web Script or HTML May be inserted. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCup92550. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call processing component in a unified communication system of Cisco (Cisco). This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. The vulnerability stems from the fact that the program does not properly verify the parameters passed by the HTTP GET and POST methods. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML
VAR-201410-0998 CVE-2014-3374 Cisco Unified Communications Manager Server CCM admin Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuq90582. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. The vulnerability stems from the fact that the program does not correctly verify the parameters passed by the HTTP GET and POST methods. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML
VAR-201410-0999 CVE-2014-3375 Cisco Unified Communications Manager Server CCM Service Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuq90597. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution
VAR-201411-0418 CVE-2014-5408 Nordex NC2 'username' Parameter Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: HIGH
Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter. Nordex Control 2 is a fan control system. Nordex Control 2 (NC2) A cross-site scripting vulnerability exists in versions prior to SCADA 16. Because the program failed to properly filter the 'username' parameter, remote attackers exploited the vulnerability to build malicious URIs, enticing users to parse, get sensitive cookies, hijack sessions or Malicious operations on the client. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Nordex NC2 (also known as Nordex Control 2) is a set of SCADA (Data Acquisition and Supervisory Control) system used in the wind power industry by Nordex, Germany. Wind Farm Portal is a wind farm control portal based on this system
VAR-201411-0077 CVE-2014-2374 Accuenergy Acuvim II for AXN-NET Ethernet Module accessory vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to potentially sensitive information.This may lead to further attacks. AXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected
VAR-201411-0076 CVE-2014-2373 Accuenergy Acuvim II for AXN-NET Ethernet Run on module accessories Web server Vulnerabilities that bypass authentication CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. Accuenergy Acuvim II for AXN-NET Ethernet Run on module accessories Web server Contains a vulnerability that prevents authentication and changes its settings.Unspecified by a third party URL Authentication may be bypassed and settings may be changed via direct requests to. Accuenergy Acuvim II is prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. AXN-NET Ethernet module 3.04 is vulnerable; other versions may also be affected
VAR-201410-0762 CVE-2014-2334 Fortinet FortiAnalyzer of Web User Interface cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336. FortiManager and FortiAnalyzer are prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to FortiManager and FortiAnalyzer 5.0.7 are vulnerable. Fortinet FortiAnalyzer is a centralized network security reporting solution from Fortinet. This solution is mainly used to collect network log data, and analyze, report, and archive the security events, network traffic, and Web content in the logs through the report suite
VAR-201703-0426 CVE-2014-7279 Konke Smart Plug Vulnerability that can acquire device management rights CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23. The Konke Smart Plug is a smart home product. The Konke Smart Plug has a remote authentication bypass vulnerability. An attacker could exploit this vulnerability to bypass certain security restrictions and obtain sensitive information. Successful exploits may lead to other attacks
VAR-201411-0415 CVE-2014-5430 ABB RobotStudio and Test Signal Viewer Vulnerability gained in CVSS V2: 6.9
CVSS V3: -
Severity: MEDIUM
Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1.5 allows local users to gain privileges via a Trojan horse DLL that is accessed as a result of incorrect DLL configuration by an optional installation program. Supplementary information : CWE Vulnerability type by CWE-427: Uncontrolled Search Path Element ( Uncontrolled search path elements ) Has been identified. ABB is a leader in power and automation technology. ABB is committed to providing efficient and reliable solutions for a wide range of industries in terms of energy efficiency, industrial productivity and grid stability. A local code execution vulnerability exists in multiple ABB products that can be exploited by local attackers to execute arbitrary code. RobotStudio is a set of robot offline programming and simulation software
VAR-201411-0467 CVE-2014-8582 FortiADC-E Unauthorized Access Vulnerability CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors. FortiADC-E is an application delivery controller developed by the company. FortiADC-E has security vulnerabilities that allow non-privileged users to inject messages into the FortiADC-E-configured network or with hosts configured on the FortiADC-E network. FortiADC-E is prone to an unauthorized-access vulnerability. Successful exploits will allow attackers to gain unauthorized access to network resources, which may aid in further attacks. Fortinet FortiADC-E and Coyote Point Equalizer are both Fortinet's application delivery controllers, which can optimize network availability, user experience, mobile performance and cloud-based enterprise application control, and enhance server efficiency and reduce Data center network complexity and cost