VARIoT IoT vulnerabilities database

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084. Vendors have confirmed this vulnerability Bug ID CSCuj43084 It is released as.Conversation text may be inserted by a third party by obtaining a valid identifier. An attacker can leverage this issue to capture, modify, or conduct a brute force attack on a session identifier. This issue is being tracked by Cisco Bug ID CSCuj43084. Web Interaction Manager is a product that can help call center business representatives use websites and text chats or real-time Web collaboration to answer customer questions; E-mail Interaction Manager is a product used to manage a large number of customer emails submitted to corporate mailboxes or websites

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085. Vendors have confirmed this vulnerability Bug ID CSCum86085 It is released as.A third party could gain the role's privileges by using the similarity of group names. The Cisco Email Security Appliance is an EMAIL security gateway from Cisco. AsyncOS is the operating system used by the product to handle bottlenecks in concurrent communications and file-based mail queues. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug ID CSCum86085. A remote attacker could exploit this vulnerability to gain privileges

Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. Cisco ASA Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected system to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCun69561

Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900. Cisco Security Device Manager, Cisco Security Device Management Tool, referred to as SDM. It is a graphical router management tool provided by Cisco. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuo06900. Security Manager 4.2 and prior are vulnerable. The vulnerability is caused by the program's insufficient validation parameters

Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215. Vendors have confirmed this vulnerability Bug ID CSCuj72215 It is released as.Skillfully crafted by a third party RTCP Service disruption via packets ( Stop input queue consumption and traffic processing ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A denial of service vulnerability exists in Cisco IOS. Allows remote attackers to cause denial of service through elaborate RTCP packets. Attackers can exploit this issue to cause the denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuj72215

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Attackers can exploit this issue to cause the affected device to hang, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCul80924

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Attackers can exploit this issue to cause the affected device to crash, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149

The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The LLDP packet is sent to the LLDP-enabled device to overload the affected device. Cisco IOS Software is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCum96282

The D-Link DGL-5500 is a router device. The D-Link DGL-5500 has a cross-site scripting and information disclosure vulnerability that allows attackers to exploit vulnerabilities to obtain sensitive information, bypass security restrictions or conduct cross-site scripting attacks.

The D-Link DIR-855L and DIR-835 are router devices. There are several security vulnerabilities in D-Link DIR-855L and DIR-835: 1. The device fails to properly restrict access to the tools_admin.asp script, allowing attackers to exploit the vulnerability access restricted feature. 2. There is an error in processing requests through TCP 8080 and CGI/SSI/ accessing hnap.cgi to obtain sensitive information. 3. Inputs submitted via the \"action\" GET parameter are missing filtering before returning to the user, allowing remote attackers to exploit the vulnerability to inject malicious scripts or HTML code to obtain sensitive information or hijack user sessions when malicious data is viewed.

ARRIS SURFboard SBG6580 Series Wi-Fi Cable Modem is a Wi-Fi cable modem. ARRIS SURFboard SBG6580 Series Wi-Fi Cable Modem has an information disclosure vulnerability that allows an attacker to exploit a vulnerability to obtain user interface authentication credentials and wireless network key values through a simple SNMP request. Arris SURFboard SBG6580 is a wireless gateway product from the American Arris Group. An information disclosure vulnerability exists in ARRIS SURFboard SBG6580. An attacker could use this vulnerability to obtain sensitive information. Vulnerabilities in ARRIS SURFboard 6.5.0.0-GA-00-226-NOSH version, other versions may also be affected. This may result in further attacks

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity. Exploiting this issue may allow a remote attacker to perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCuj43080. Web Interaction Manager is a product that can help call center business representatives use websites and text chats or real-time Web collaboration to answer customer questions; E-mail Interaction Manager is a product used to manage a large number of customer emails submitted to corporate mailboxes or websites

The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. An attacker could exploit the vulnerability to cause the affected device to reload and refuse to serve legitimate users. This issue is being tracked by Cisco Bug ID CSCug65204

Huawei Campus Series Switches is a switch device from Huawei. There are several vulnerabilities in Huawei Campus Series Switches: 1. There is an unspecified error that allows an attacker to exploit an exploit to perform an unauthorized firmware upgrade. 2. The BootRom Menu has an error that allows an attacker to exploit the vulnerability to bypass the system security check mechanism. 3. The BootRom Menu has an error that allows an attacker to exploit the vulnerability to control the device. The following devices are affected by this vulnerability: Huawei Campus S7700 firmware V200R001C00SPC300, V200R002C00SPC100 and V200R003C00SPC300Huawei Campus S9300 firmware V200R001C00SPC300, V200R002C00SPC100 and V200R003C00SPC300Huawei Campus S9700 firmware V200R001C00SPC300, V200R002C00SPC100 and V200R003C00SPC300

The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file. The HUB is a multi-port transponder. When the HUB is used as the center device, a certain line in the network has a fault and does not affect the work of other lines. Other attacks may also be possible

TP-Link TD-W89 Routers is a router device. TP-LINK TD-W89 is a router product of China TP-LINK company. An unauthorized access vulnerability exists in the TP-LINK TD-W89 router. An attacker could use this vulnerability to gain access to sensitive information

Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuj43033. Web Interaction Manager is a product that can help call center business representatives use websites and text chats or real-time Web collaboration to answer customer questions; E-mail Interaction Manager is a product used to manage a large number of customer emails submitted to corporate mailboxes or websites

ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file. Intel Indeo Video is prone to a memory-corruption vulnerability. Attackers can exploit this issue to crash the affected application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. Intel Indeo Video 4.5 ir41_32.ax version 4.51.16.3 is vulnerable; other versions may also be affected

Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. iTunes is prone to multiple insecure file-permission vulnerabilities. Apple iTunes versions prior to 11.2.1 are vulnerable. Apple Apple iTunes is a set of media player applications of Apple (Apple), which is mainly used for playing and managing digital music and video files. The vulnerability is caused by the program setting global write permissions on the /Users and /Users/Shared directories during restart. This issue was addressed with improved permission handling. For information on the general content of iTunes 11.2.1, see http://support.apple.com/kb/TS5434 CVE-ID CVE-2014-1347 iTunes 11.2.1 may be obtained from: http://www.apple.com/itunes/download/ The download file is named: iTunes11.2.1.dmg Its SHA-1 digest is: d7e00140775bd15069ded529388add2ce6f0b538 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTdvWrAAoJEBcWfLTuOo7t1rgP+gL3Z02WLrsQb66XvuTEz9Ij KHKL/y3yXzMIdwEqFsHvcd8Ls9lBaiSFTkXIWXhgWsW8PZPFZBahprnbbszFmwJ6 P9g2QRWstQFpveImGdrMW3E9yjIf7YvkjD2NNNpG4NUXiejwWANJ1kmfHJ9ny1vs L8bIImea5+mTMt+fvrJp3vWGAhLSfJYc9HQvIqJxhESiAW0dOoprbkTGVPRbR5wE w7d1m5LS8nvmWi8blLKvLtv+AX2HJvLniJwYkZXa4kMUy25nYLrTZ09aRMfP2Ygg 4fjsIphrnpScl9gGaBYbp3vncR/g0Nypw0b3/ahlmBnEFFIXHJNjudoW8vbBdyaM 7x1A4y1iVregs7LKRwExhZGjc85WYJis1asVE4A0L8rjqjj/OskXUyFFZ2wKEwic apZPyeqGOPpdwa3CsHcq7RZZb1Y8aceeLviXKb2iOC37toRMnDkMr2SBd/xD6TfE fWxBbFnxsY+BFbfz9QUpvtmWI3a399vqt6J9RXxve/a/nd8XyCUdgTxhGSf+uUZ4 U6vJppHF+nzXjaua8L7z8RXxQDfjFm2pI9a3VfRjq50hrznCprXSIR148//WSiHJ Y6Ss5s+lHLedmdudW9Fsiywb0ImEK88bQtmHg4WqxOfFbC9X25262WhDN+m7KoGJ 4kQtMB6mjCY/WsU+frOA =P5hZ -----END PGP SIGNATURE-----

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors. An remote attacker can exploit this issue to execute arbitrary code with root privileges. This may facilitate complete compromise of the affected device. Junos Space 13.1 and prior are vulnerable. Juniper Junos Space is a set of network management solutions from Juniper Networks. The solution supports automated configuration, monitoring, and troubleshooting of devices and services throughout their lifecycle