VARIoT IoT vulnerabilities database

VAR-201408-0480 No CVE Pebble Smartwatch for Android/iOS Denial of Service Vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Pebble is a smart watch that supports both Android and iOS. A denial of service vulnerability exists in Pebble Smartwatch for Android/iOS. It allows a remote attacker to cause a factory reset on the device.
VAR-201408-0349 CVE-2014-5397 Schneider Electric Wonderware Information Server Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: -
Severity: HIGH
Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Invensys Wonderware Information Server provides graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. The vulnerability can allow the attacker to steal cookie-based authentication credentials and launch other attacks. The following versions are vulnerable: Wonderware Information Server 4.0 SP1, Wonderware Information Server 4.5 Portal, Wonderware Information Server 5.0 Portal, Wonderware Information Server 5.5 Portal. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms.
VAR-201408-0350 CVE-2014-5398 Schneider Electric Wonderware Information Server Vulnerable to reading arbitrary files CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric Wonderware Information Server (WIS) contains a vulnerability that allows any file to be read or a service disruption (DoS) condition to be caused. Invensys Wonderware Information Server provides graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. Invensys Wonderware Information Server has an information disclosure vulnerability that can be exploited by local attackers to obtain sensitive information. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms. A security vulnerability exists in Schneider Electric WIS Portal versions 4.0 SP1 to 5.5.
VAR-201408-0351 CVE-2014-5399 SQL injection vulnerability in Schneider Electric Wonderware Information Server CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Invensys Wonderware Information Server can centrally reflect web management solutions for production management. The vulnerability allows an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the underlying database. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms.
VAR-201408-0101 CVE-2014-2380 Schneider Electric Wonderware Information Server Vulnerability where important information is obtained CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. Supplementary information: the CWE vulnerability type has been identified as CWE-326: Inadequate Encryption Strength (incorrect cipher strength). http://cwe.mitre.org/data/definitions/326.html By reading the authentication information file, a third party may obtain important information. Wonderware Information Server integrates factory performance metrics with the collection and display of operations, maintenance, and engineering production data through a network solution. Attackers can use the vulnerability to view encrypted data and obtain sensitive information. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms.
VAR-201408-0102 CVE-2014-2381 Schneider Electric Wonderware Information Server Vulnerability in which important information is obtained CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. Supplementary information: the CWE vulnerability type has been identified as CWE-326: Inadequate Encryption Strength (incorrect cipher strength). http://cwe.mitre.org/data/definitions/326.html If a third party reads the authentication information file, important information may be obtained. Invensys Wonderware Information Server provides graphical visualization, reporting and analysis of real-time network-based plant operations data that helps drive productivity across the enterprise. This may lead to other attacks. The program supports dashboards, pre-designed industrial activity reports, etc., and provides processes for analysis or write-back mechanisms.
VAR-202001-1351 CVE-2014-5381 Grand MA 300 Vulnerable to insufficient protection of credentials CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
Grand MA 300 allows a brute-force attack on the PIN. Grand MA 300 contains a vulnerability related to insufficient protection of credentials. Information may be obtained or falsified, and a denial of service (DoS) condition may result. The Grand MA 300 has a security hole in which the program fails to encrypt the PIN in network and Wiegand communication, allowing the attacker to sniff sensitive information and to brute force the PIN. Attackers can exploit these issues to disclose the access PIN by sniffing network traffic or perform brute-force attacks on the PIN to gain unauthorized access. This may aid in other attacks.
VAR-202001-1350 CVE-2014-5380 Grand MA 300 Vulnerable to sending important information in the clear CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Grand MA 300 allows retrieval of the access PIN from sniffed data. Grand MA 300 contains a vulnerability in sending sensitive information in the clear. Information may be obtained. The Grand MA 300 has a security hole in which the program fails to encrypt the PIN in network and Wiegand communication, allowing the attacker to sniff sensitive information and to brute force the PIN. Attackers can exploit these issues to disclose the access PIN by sniffing network traffic or perform brute-force attacks on the PIN to gain unauthorized access. This may aid in other attacks.
VAR-201408-0326 CVE-2014-0761 ePAQ-9410 Substation Gateway Serial-Connected Device Local Denial of Service Vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet. CG is an American supplier of automated SCADA systems for power, transportation, renewable energy and water/wastewater treatment businesses. The ePAQ-9410 Substation Gateway Serial-Connected device has a local denial of service vulnerability due to failure to properly validate user-supplied input. An attacker could exploit this vulnerability to crash an affected device and initiate a denial of service attack. Note: This issue affects the IP connected devices. CG Automation ePAQ-9410 Substation Gateway is a substation gateway product deployed in the energy sector by CG Automation in the United States. A security vulnerability exists in the DNP3 driver in the CG Automation ePAQ-9410 Substation Gateway.
VAR-201408-0327 CVE-2014-0762 ePAQ-9410 Substation Gateway Serial-Connected Devices Local Denial of Service Vulnerability CVSS V2: 4.7
CVSS V3: -
Severity: MEDIUM
The CG Automation Software DNP3 driver, used in the ePAQ-9410 Substation Gateway products, does not validate input correctly. An attacker could cause the software to go into an infinite loop, causing the process to crash. The system must be restarted manually to clear the condition. CG is an American supplier of automated SCADA systems for power, transportation, renewable energy and water/wastewater treatment businesses. An attacker could exploit this vulnerability to crash an affected device and deny service to a legitimate user. Note: To exploit this issue, local access to the serial-based outstation is required.
VAR-201408-0165 CVE-2014-3344 Cross-site scripting vulnerability in the web framework of Cisco Transport Gateway for Smart Call Home CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. The vendor has confirmed this vulnerability and released it as Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. A third party may insert arbitrary web script or HTML via unspecified parameters. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. These issues are being tracked by Cisco Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML.
VAR-201408-0158 CVE-2014-3335 Service disruption (DoS) vulnerability in Cisco IOS XR running on Cisco ASR 9000 devices CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. The vendor has confirmed this vulnerability and released it as Bug ID CSCup77750. A packet crafted by a third party may put the device into a denial of service state (chip and card hang). Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. A denial of service vulnerability exists in Cisco IOS. Exploiting this vulnerability causes the NP chip and line card on the affected device to lock and reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCup77750. The vulnerability comes from the fact that the program does not correctly perform NetFlow sampling of data packets with multicast destination MAC addresses.
VAR-201408-0489 No CVE Multiple D-Link Products Multiple Security Vulnerabilities CVSS V2: -
CVSS V3: -
Severity: -
Multiple D-Link Products are prone to the following security vulnerabilities:
1. An authentication-bypass vulnerability
2. A directory-traversal vulnerability
3. A cross-site request-forgery vulnerability
4. A user-enumeration weakness
An attacker can exploit these issues to perform certain unauthorized actions, bypass authentication mechanisms, or gain access to potentially sensitive information. This may lead to further attacks.
VAR-201409-0173 CVE-2014-4862 Arris Touchstone cable modem information leakage vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request. The CBW700N cable modem provided by Netmaster contains an information disclosure vulnerability. SNMP is enabled by default on the CBW700N cable modem provided by Netmaster. The CBW700N uses a known SNMP community name, and there is a vulnerability that leaks information such as the username, password and WiFi keys (CWE-200). CWE-200: Information Exposure http://cwe.mitre.org/data/definitions/200.html A remote third party may be able to obtain sensitive information set on the device, such as the user name, password and WiFi keys. Arris Touchstone DG950A 7.10.131 is vulnerable. Netmaster CBW700N is prone to an information-disclosure vulnerability. This may aid in further attacks. Netmaster CBW700N running firmware version 81.447.392110.729.024 is vulnerable.
VAR-201409-0174 CVE-2014-4863 Arris Touchstone cable modem information leakage vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request. The Touchstone DG950A provided by Arris contains an information disclosure vulnerability. SNMP is enabled by default on the Touchstone DG950A provided by Arris. The DG950A uses a known SNMP community name, and there is a vulnerability that leaks information such as the username, password and WiFi keys (CWE-200). Other versions may also be affected by this vulnerability. CWE-200: Information Exposure http://cwe.mitre.org/data/definitions/200.html A remote third party may be able to obtain sensitive information set on the device, such as the user name, password and WiFi keys. The ARRIS Touchstone Data Gateway DG860P2 is a combination of a 4-port Gigabit router. This may aid in further attacks.
VAR-201409-0531 CVE-2014-6252 SAP NetWeaver 'disp+work.exe' Buffer Overflow Vulnerability CVSS V2: 6.5
CVSS V3: -
Severity: MEDIUM
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors. SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. A buffer overflow vulnerability exists in SAP NetWeaver 'disp+work.exe'. Failed exploit attempts may result in a denial-of-service condition.
VAR-201801-0087 CVE-2014-5394 Information disclosure vulnerability in multiple Huawei Campus switch products CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal. Multiple Huawei Campus switch products contain an information disclosure vulnerability. Information may be obtained. Huawei Campus Series Switches are a series of Campus switches from Huawei of China. Huawei Campus Series Switches have a user enumeration vulnerability that allows an attacker to obtain a valid username and initiate further attacks. An attacker may leverage this issue to harvest valid usernames, which may aid in further attacks. A remote attacker can use this vulnerability, by logging in to the server through SSH, to guess whether a user name exists on the switch device based on the information returned by the server.
VAR-201408-0354 CVE-2014-5382 Cross-site scripting vulnerability in the web interface of Schrack Technik microControl firmware CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors. Technik Microcontrol Firmware is prone to a cross-site scripting vulnerability. Schrack Technik microControl is a distributed power supply system (low power consumption system) from Schrack Technik of Austria.
VAR-201408-0031 CVE-2013-6306 Vulnerability in IBM Power 7 systems where Service Processor privileges are gained CVSS V2: 4.6
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors. Local attackers can exploit this issue to gain elevated privileges on affected computers. The following versions are affected: IBM Power 7 Systems Version 740 prior to Version 740.70 01Ax740_121, Version 760 prior to Version 760.40 Ax760_078, Version 770 prior to Version 770.30 01Ax770_062.
VAR-201408-0155 CVE-2014-3331 Service disruption (DoS) vulnerability in the Session Manager component of Packet Data Network Gateway in Cisco ASR 5000 Series software CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). Cisco ASR 5000 Series Software is prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuo21914. Packet Data Network Gateway (aka PGW) is one of the packet data gateways.