VARIoT IoT vulnerabilities database


VAR-202312-0888 CVE-2023-33107 Integer overflow vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 8.4
Severity: HIGH
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. 315 5g iot modem firmware, APQ8017 firmware, APQ8064AU. Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202312-1066 CVE-2023-33080 Out-of-bounds read vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Transient DOS while parsing a vendor-specific IE (Information Element) of a reassociation response management frame. 315 5g iot modem firmware, 9206 lte modem firmware, APQ8017. Multiple Qualcomm products, such as firmware, contain an out-of-bounds read vulnerability. A denial-of-service (DoS) condition may result.
VAR-202312-1919 CVE-2023-33018 Integer overflow vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Memory corruption while using the UIM diag command to get the operator's name. 315 5g iot modem firmware, 9205 lte modem firmware, 9206 lte modem. Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202312-1927 CVE-2023-28588 Integer overflow vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
Transient DOS in Bluetooth Host during rfc slot allocation. APQ8017 firmware, APQ8064AU firmware, AQT1000. Multiple Qualcomm products, including firmware, contain an integer overflow vulnerability. A denial-of-service (DoS) condition may result.
VAR-202312-1728 CVE-2023-28586 Buffer error vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 6.0
Severity: MEDIUM
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. 315 5g iot modem firmware, 9205 lte modem firmware, AQT1000. Multiple Qualcomm products, such as firmware, contain a buffer error vulnerability. Information may be obtained.
VAR-202312-0897 CVE-2023-28551 Out-of-bounds write vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. 315 5g iot modem firmware, 9205 lte modem firmware, 9206 lte modem. Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202312-1228 CVE-2023-28550 Out-of-bounds write vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Memory corruption in MPP performance while accessing DSM watermark using external memory address. 315 5g iot modem firmware, 9205 lte modem firmware, 9206 lte modem. Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202312-2276 CVE-2023-28546 Classic buffer overflow vulnerability in multiple Qualcomm products CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Memory Corruption in SPS Application while exporting public key in sorter TA. 315 5g iot modem firmware, 9205 lte modem firmware, APQ8017. Multiple Qualcomm products, such as firmware, have a classic buffer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202312-1763 CVE-2023-5768 Cross-site scripting vulnerability in multiple Hitachi Energy products CVSS V2: 5.4
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. An incomplete or wrong received APDU frame layout may cause blocking on the link layer. The cause of the error was endless blocking when reading incoming frames on the link layer with wrong APDU length information or delayed reception of data octets. Only the communication link of the affected HCI IEC 60870-5-104 is blocked. If the attack sequence stops, communication on the previously attacked link returns to normal. rtu520 firmware, rtu530 firmware, rtu540 firmware etc. A cross-site scripting vulnerability exists in Hitachi Energy products. Information may be obtained and information may be tampered with. Hitachi Energy RTU500 is a series of industrial control components of Hitachi, Ltd.
VAR-202312-0758 CVE-2023-5767 Cross-site scripting vulnerability in multiple Hitachi Energy products CVSS V2: 8.5
CVSS V3: 6.1
Severity: MEDIUM
A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized. rtu520 firmware, rtu530 firmware, rtu540 firmware etc. A cross-site scripting vulnerability exists in Hitachi Energy products. Information may be obtained and information may be tampered with. RTU500 is a series of industrial control components of Hitachi, Japan, mainly used in industrial control systems.
VAR-202312-0146 CVE-2023-32842 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)
VAR-202312-0073 CVE-2023-32844 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)
VAR-202312-0152 CVE-2023-32841 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)
VAR-202312-0171 CVE-2023-32845 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)
VAR-202312-0055 CVE-2023-32846 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)
VAR-202312-0020 CVE-2023-32843 CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)
VAR-202312-0490 CVE-2023-48801 Command injection vulnerability in TOTOLINK x6000r firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the sub_415534 function in the shttpd file obtains fields from the front-end, concatenates them with the snprintf function, and passes the result to the CsteSystem function, resulting in a command execution vulnerability. TOTOLINK x6000r firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK X6000R has a command execution vulnerability. The vulnerability stems from the failure of the sub_415534 function to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution.
VAR-202312-0594 CVE-2023-43455 Command injection vulnerability in TOTOLINK x6000r firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component. TOTOLINK x6000r firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. X6000R is a wireless router made by China's TOTOLINK company. Zeon Electronics (Shenzhen) Co., Ltd. X6000R has a command execution vulnerability. The vulnerability is caused by the failure of the command parameter of the setting/setTracerouteCfg component to correctly filter special characters, commands, etc. in the constructed command.
VAR-202312-0659 CVE-2023-43454 Command injection vulnerability in TOTOLINK x6000r firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component. TOTOLINK x6000r firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company. TOTOLINK X6000R has a command execution vulnerability. The vulnerability stems from the failure of the hostName parameter of the switchOpMode component to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution.
VAR-202312-0136 CVE-2023-48842 Command injection vulnerability in D-Link Systems, Inc. go-rt-ac750 firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi. D-Link Systems, Inc. (DoS) It may be in a state. D-Link GO-RT-AC750 is a wireless dual-band simple router from China D-Link. in the constructed command. An attacker can use this vulnerability to execute arbitrary commands on the system