VARIoT IoT vulnerabilities database
| VAR-201402-0580 | No CVE | OpenVox VoxStack Wireless Gateway Default Management Password Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway has a default 'admin' account with a password of 'admin' that allows an attacker to exploit the vulnerability to gain unauthorized access to the device.
| VAR-202002-0773 | CVE-2014-1617 | Microsys PROMOTIC ActiveX (PmTrends.dll) Start Function Denial of Service Vulnerability |
CVSS V2: 7.1 CVSS V3: 6.5 Severity: MEDIUM |
Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service. Microsys PROMOTIC contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS). MICROSYS PROMOTIC is SCADA software. The Start function of the MICROSYS PROMOTIC PmTrends.dll ActiveX control fails to properly filter user input, allowing an attacker to build a malicious web page that crashes the application when a user is enticed into opening it. This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
| VAR-202001-1285 | CVE-2014-1598 | CenturyStar ActiveX (CamW2000.dll) SetMyAddress Function parameter handling buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
The CenturyStar 7.12 ActiveX control has a stack buffer overflow. CenturyStar contains an out-of-bounds write vulnerability. Information may be obtained or falsified, and a denial of service (DoS) may result. CenturyStar is a popular SCADA industrial control software. The SetMyAddress function in the CenturyStar CamW2000.dll ActiveX control has an overflow vulnerability in parsing parameters, allowing remote attackers to build malicious web pages that, when a user is tricked into opening them, crash the application or execute arbitrary code.
| VAR-201710-0080 | CVE-2014-0691 | Cisco WebEx Meetings Server Vulnerabilities related to lack of entropy |
CVSS V2: 5.0 CVSS V3: 7.3 Severity: HIGH |
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643. Cisco WebEx Meetings Server contains a vulnerability related to lack of entropy. The vendor has confirmed this vulnerability and released it as Bug ID CSCuc79643. Information may be obtained or altered, and service operation may be disrupted (DoS). The Linux kernel is prone to a local memory-corruption vulnerability.
Successfully exploiting this issue will allow an attacker to cause a memory leak to obtain sensitive information. Failed exploit attempts will likely crash the kernel, denying service to legitimate users.
Note: This BID is being retired as a duplicate of the issue discussed in BID 65588 (Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability). Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. A security vulnerability existed in versions of CWMS prior to 1.1
| VAR-201402-0578 | No CVE | NETGEAR D6300B /data/nvram Clear Text Management Password Storage Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B stores login passwords in /data/nvram in clear text, and remote attackers can exploit vulnerabilities to obtain sensitive information.
| VAR-201402-0579 | No CVE | OpenVox VoxStack Wireless Gateway DDNS Password Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway /cgi-bin/php/network-ddns.php script has a security vulnerability that allows remote attackers to obtain sensitive information.
| VAR-201402-0584 | No CVE | OpenVox VoxStack Wireless Gateway Clear Text SSH Password Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a series of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway /cgi-bin/php/system-login.php script leaks sensitive information, and remote attackers can exploit the vulnerability to obtain SSH password information.
| VAR-201402-0577 | No CVE | NETGEAR D6300B /diag.cgi IPAddr4 Parameter Remote Command Execution Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B /diag.cgi script failed to properly filter the 'IPAddr4' POST parameter data, allowing remote attackers to exploit the vulnerability to execute arbitrary system commands.
| VAR-201402-0575 | No CVE | OpenVox VoxStack Unauthorized Access Vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway has a default 'admin' account with a password of 'admin' that allows an attacker to exploit the vulnerability to gain unauthorized access to the device.
| VAR-201402-0571 | No CVE | NETGEAR D6300B special message remote root telnet access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B has a vulnerability in handling specially crafted messages that combine the 'Gearguy' username with the 'Geardog' password, allowing remote attackers to exploit the vulnerability without requiring authentication to gain root access to the device.
| VAR-201404-0184 | CVE-2014-1957 | FortiGuard FortiWeb Vulnerability gained in |
CVSS V2: 6.5 CVSS V3: - Severity: MEDIUM |
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. FortiGuard FortiWeb contains a privilege-related vulnerability. A remotely authenticated user may be able to gain privileges. Fortinet FortiWeb is prone to multiple security vulnerabilities, including:
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3. An HTTP Header Injection Vulnerability
An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, bypass security restrictions to obtain sensitive information, or insert arbitrary headers into an HTTP response, which may help them launch other attacks.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content. Elevation of privilege vulnerability exists in Fortinet FortiGuard FortiWeb 5.0.2 and earlier versions
| VAR-201404-0183 | CVE-2014-1956 | FortiGuard FortiWeb In CRLF Injection vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Fortinet FortiWeb is prone to multiple security vulnerabilities, including:
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content. CRLF injection vulnerability exists in Fortinet FortiGuard FortiWeb 5.0.2 and earlier versions
| VAR-201404-0182 | CVE-2014-1955 | FortiGuard FortiWeb Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Fortinet FortiWeb is prone to multiple security vulnerabilities, including:
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3. An HTTP Header Injection Vulnerability
An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, bypass security restrictions to obtain sensitive information, or insert arbitrary headers into an HTTP response, which may help them launch other attacks.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content
| VAR-201402-0449 | No CVE | NetGear N300 DGN2200 Multiple Security Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
NetGear N300 DGN2200 is a wireless ADSL2 + Modem router product from NetGear.
The following security vulnerabilities exist in NetGear N300 DGN2200 running firmware version 1.0.0.36-7.0.37:
1. Local information disclosure vulnerability
2. Cross-site request forgery vulnerability
3. Arbitrary file access vulnerability
4. Remote command execution vulnerability
5. Unauthorized access vulnerability
6. Security bypass vulnerability
Attackers can use these vulnerabilities to bypass security restrictions, obtain sensitive information, perform unauthorized operations in the context of the logged-in user, gain access, or execute arbitrary commands in the context of the affected application.
| VAR-201402-0519 | No CVE | ZyXEL Prestige 782R '/rom-0' RomPager Access Bypass Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ZyXEL Prestige 782R is a router product of ZyXEL Technology Corporation.
An authentication bypass vulnerability exists in ZyXEL Prestige 782R. An attacker could use this vulnerability to bypass the authentication mechanism and perform unauthorized operations. This may aid in further attacks
| VAR-201402-0203 | CVE-2014-0725 | Cisco Unified Communications Manager Vulnerability in which important information is obtained |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file storage location," aka Bug ID CSCum05337. This may aid in further attacks.
This issue is being tracked by Cisco Bug ID CSCum05337. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is the call processing component of Cisco's unified communications system. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. A remote attacker could exploit this vulnerability to obtain sensitive information.
| VAR-201402-0204 | CVE-2014-0726 | Cisco Unified Communications Manager of IP Manager Assistant In the interface SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.
A successful exploit may allow an authenticated attacker to compromise the affected application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue is tracked by Cisco Bug ID CSCum05326. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is the call processing component of Cisco's unified communications system. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution.
| VAR-201402-0572 | No CVE | Unknown security bypass vulnerability exists in FRITZ!Box products |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FRITZ!Box is a residential gateway device from AVM GmbH. A number of FRITZ!Box products have a remote security bypass vulnerability that allows an attacker to bypass specific security restrictions and perform any unauthenticated operations. Multiple FRITZ!Box products are prone to a remote security-bypass vulnerability.
| VAR-201402-0205 | CVE-2014-0727 | Cisco Unified Communications Manager CMIVR Interface SQL Injection Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.
A successful exploit may allow an authenticated attacker to compromise the affected application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue is tracked by Cisco Bug ID CSCum05318. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is the call processing component of Cisco's unified communications system. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution.
| VAR-201402-0392 | CVE-2014-1253 | Apple Boot Camp of AppleMNT.sys Service disruption in (DoS) Vulnerabilities |
CVSS V2: 4.7 CVSS V3: - Severity: MEDIUM |
AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file. Apple Boot Camp is prone to a memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it into an insufficiently sized memory buffer.
An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible, however, it has not been confirmed.
This issue is fixed in Boot Camp 5.1. Apple Boot Camp is a set of system plug-ins from Apple that lets a Mac run the Windows operating system. The plug-in is built into the Mac OS X system. A security vulnerability exists in the AppleMNT.sys file in Apple Boot Camp version 5.0. The issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1253 : MJ0011 of 360 Security Center
Boot Camp 5.1 may be obtained via Apple Software Update or from:
http://support.apple.com/downloads/
Depending on your Mac model, the downloading file name is one of
the following two:
The download file name: BootCamp5.1.5621.zip
Its SHA-1 digest: 72c71be259474836c17ddd400aca2218660b8aac
The download file name: BootCamp5.1.5640.zip
Its SHA-1 digest: 2998a7881509a87b22abc6764379c0a33b6ced3a
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/