VARIoT IoT vulnerabilities database
| VAR-201402-0570 | No CVE | OpenVox VoxStack Wireless Gateway DDNS Password Disclosure Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway /cgi-bin/php/network-ddns.php script has a vulnerability that allows remote man-in-the-middle attackers to obtain DDNS password information.
| VAR-201402-0573 | No CVE | OpenVox VoxStack Wireless Gateway Clear Text SSH Password Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
OpenVox VoxStack is an Asterisk-based analog voice gateway series designed for small and medium-sized businesses. OpenVox VoxStack Wireless Gateway /cgi-bin/php/system-login.php script fails to properly disclose sensitive information, allowing attackers to attack through man-in-the-middle Get SSH password information.
| VAR-201402-0440 | No CVE | Schneider Electric SCADAPack VxWorks Debugger Device Control Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Schneider Electric SCADAPack is a telemetry, remote SCADA system solution. Schneider Electric SCADAPack enables the VxWorks debug agent, allowing remote attackers to exploit vulnerabilities to send specially crafted requests to the UDP/17185 port to control devices
| VAR-201402-0566 | No CVE | ASUS Multiple Routers AiCloud Service/smb.xml Directory Traversal Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ASUS is one of the world's leading providers of 3C solutions, dedicated to providing the most innovative products and applications to individuals and businesses. A directory traversal vulnerability exists in the AiCloud service included in multiple routers of ASUS. Because /smb.xml in the AiCloud service fails to properly filter user-supplied input, remote attackers are allowed to exploit the vulnerability to obtain sensitive information.
| VAR-201402-0580 | No CVE | OpenVox VoxStack Wireless Gateway Default Management Password Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway has a default 'admin' account with a password of 'admin' that allows an attacker to exploit the vulnerability to gain unauthorized access to the device.
| VAR-202002-0773 | CVE-2014-1617 | Microsys PROMOTIC ActiveX (PmTrends.dll) Start Function Denial of Service Vulnerability |
CVSS V2: 7.1 CVSS V3: 6.5 Severity: MEDIUM |
Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service. Microsys PROMOTIC Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be put into a state. MICROSYS PROMOTIC is a SCADA software. The MICROSYS PROMOTIC PmTrends.dll ActiveX control start function fails to properly filter user input, allowing an attacker to exploit a vulnerability to build a malicious WEB page, enticing the user to resolve and crashing the application. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided
| VAR-202001-1285 | CVE-2014-1598 | CenturyStar ActiveX (CamW2000.dll) SetMyAddress Function parameter handling buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
centurystar 7.12 ActiveX Control has a Stack Buffer Overflow. centurystar Contains an out-of-bounds write vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. CenturyStar is a popular SCADA industrial control software. The SetMyAddress function in the CenturyStar CamW2000.dll ActiveX control has an overflow vulnerability in parsing parameters, allowing remote attackers to exploit exploits to build malicious web pages, tricking users into parsing, crashing an application, or executing arbitrary code
| VAR-201710-0080 | CVE-2014-0691 | Cisco WebEx Meetings Server Vulnerabilities related to lack of entropy |
CVSS V2: 5.0 CVSS V3: 7.3 Severity: HIGH |
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643. Cisco WebEx Meetings Server Contains a vulnerability related to lack of entropy. Vendors have confirmed this vulnerability Bug ID CSCuc79643 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Linux kernel is prone to a local memory-corruption vulnerability.
Successfully exploiting this issue will allow an attacker to cause a memory leak to obtain sensitive information. Failed exploit attempts will likely crash the kernel, denying service to legitimate users.
Note: This BID is being retired as a duplicate of the issue discussed in BID 65588 (Linux Kernel '/fs/cifs/file.c' Local Memory Corruption Vulnerability). Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. A security vulnerability existed in versions of CWMS prior to 1.1
| VAR-201402-0578 | No CVE | NETGEAR D6300B /data/nvram Clear Text Management Password Storage Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B stores login passwords in /data/nvram in clear text, and remote attackers can exploit vulnerabilities to obtain sensitive information.
| VAR-201402-0579 | No CVE | OpenVox VoxStack Wireless Gateway DDNS Password Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway /cgi-bin/php/network-ddns.php script has security vulnerabilities that allow remote attackers to exploit sensitive information.
| VAR-201402-0584 | No CVE | OpenVox VoxStack Wireless Gateway Clear Text SSH Password Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
OpenVox VoxStack is a series of Asterisk-based analog voice gateways designed for small and medium-sized businesses. OpenVox VoxStack Wireless Gateway /cgi-bin/php/system-login.php script leaks sensitive information, and remote attackers can exploit vulnerabilities to obtain SSH password information. .
| VAR-201402-0577 | No CVE | NETGEAR D6300B /diag.cgi IPAddr4 Parameter Remote Command Execution Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B /diag.cgi script failed to properly filter the 'IPAddr4' POST parameter data, allowing remote attackers to exploit the vulnerability to execute arbitrary system commands.
| VAR-201402-0575 | No CVE | OpenVox VoxStack Unauthorized Access Vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
OpenVox VoxStack is a family of Asterisk-based analog voice gateways designed for small and medium-sized businesses. The OpenVox VoxStack Wireless Gateway has a default 'admin' account with a password of 'admin' that allows an attacker to exploit the vulnerability to gain unauthorized access to the device.
| VAR-201402-0571 | No CVE | NETGEAR D6300B special message remote root telnet access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The NETGEAR D6300B is a smart router device. The NETGEAR D6300B has a vulnerability in handling specially crafted messages that combine the 'Gearguy' username with the 'Geardog' password, allowing remote attackers to exploit the vulnerability without requiring authentication to gain root access to the device.
| VAR-201404-0184 | CVE-2014-1957 | FortiGuard FortiWeb Vulnerability gained in |
CVSS V2: 6.5 CVSS V3: - Severity: MEDIUM |
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. FortiGuard FortiWeb Contains a privileged vulnerability.A user who has been remotely authenticated may be able to obtain permission. Fortinet Fortiweb is prone to multiple security vulnerabilities, including;
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3. An HTTP Header Injection Vulnerability
An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, bypass security restrictions to obtain sensitive information, or insert arbitrary headers into an HTTP response, which may help them launch other attacks.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content. Elevation of privilege vulnerability exists in Fortinet FortiGuard FortiWeb 5.0.2 and earlier versions
| VAR-201404-0183 | CVE-2014-1956 | FortiGuard FortiWeb In CRLF Injection vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Fortinet Fortiweb is prone to multiple security vulnerabilities, including;
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content. CRLF injection vulnerability exists in Fortinet FortiGuard FortiWeb 5.0.2 and earlier versions
| VAR-201404-0182 | CVE-2014-1955 | FortiGuard FortiWeb Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Fortinet Fortiweb is prone to multiple security vulnerabilities, including;
1. A cross-site scripting vulnerability
2. A security-bypass vulnerability
3. An HTTP Header Injection Vulnerability
An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, bypass security restrictions to obtain sensitive information, or insert arbitrary headers into an HTTP response, which may help them launch other attacks.
Fortinet Fortiweb 5.0.2 and prior are vulnerable. Fortinet FortiGuard FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc. Sensitive database content
| VAR-201402-0449 | No CVE | NetGear N300 DGN2200 Multiple Security Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
NetGear N300 DGN2200 is a wireless ADSL2 + Modem router product from NetGear.
The following security vulnerabilities exist in NetGear N300 DGN2200 running firmware version 1.0.0.36-7.0.37: 1. Local information disclosure vulnerability 2. Cross-site request forgery vulnerability 3. Arbitrary file access vulnerability 4. Remote command execution vulnerability 5. Unauthorized access Vulnerability 6. Security Bypass Vulnerability. Attackers can use these vulnerabilities to bypass security restrictions, obtain sensitive information, perform unauthorized operations in the context of the logged-in user, gain access, or execute arbitrary commands in the context of the affected application. An unauthorized-access weakness
6
| VAR-201402-0519 | No CVE | ZyXEL Prestige 782R '/rom-0' RomPager Access Bypass Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ZyXEL Prestige 782R is a router product of ZyXEL Technology Corporation.
An authentication bypass vulnerability exists in ZyXEL Prestige 782R. An attacker could use this vulnerability to bypass the authentication mechanism and perform unauthorized operations. This may aid in further attacks
| VAR-201402-0203 | CVE-2014-0725 | Cisco Unified Communications Manager Vulnerability in which important information is obtained |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file storage location," aka Bug ID CSCum05337. This may aid in further attacks.
This issue is being tracked by Cisco Bug ID CSCum05337. Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call processing component in a unified communication system of Cisco (Cisco). This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. A remote attacker could exploit this vulnerability to obtain sensitive information