VARIoT IoT vulnerabilities database

Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266. Vendors have confirmed this vulnerability Bug ID CSCui30266 It is released as.By any third party through unspecified parameters Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCui30266. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30275. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCui30275. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php. QNAP Photo Station is a network storage device that can be used for image storage. QNAP Photo Station is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Versions prior to QNAP Photo Station 4.0.3 build0912 are vulnerable. QNAP Systems QNAP Photo Station is a web-based photo album application from QNAP Systems, which supports organizing and sharing photos and videos on the NAS via the Internet

Hitachi JP1/Cm2/Network Node Manager i contains multiple vulnerabilities. Malicious remote users can exploit this vulnerability to disrupt services, disclose configuration data or execute arbitrary script.

The Java bundled with Hitachi JP1/Cm2/Network Node Manager i contains multiple vulnerabilities.Malicious remote users can exploit this vulnerability to disrupt services, disclose configuration data or execute arbitrary script.

The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. Emerson Process Management Emerson Process Control is a company that includes process control, electrical and telecommunications, industrial automation, heat transfer, HVAC, and appliances and tools. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. The following products are affected: ROC800 3.50 and prior DL8000 2.30 and prior ROC800L 1.20 and prior. This product includes ROC800, ROC800L, DL8000, and has the function of executing multiple PLCs (digital operation operation electronics in industrial environments) on control equipment

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive information about device presence by listening for broadcast traffic. Emerson Process Management Emerson Process Control is a company that includes process control, electrical and telecommunications, industrial automation, heat transfer, HVAC, and appliances and tools. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. The ROC800 RTU runs on the ENEA OSE operating system, and the kernel running on the ROC800 device broadcasts web beacons, allowing attackers to easily detect OSE debugging vulnerabilities. This vulnerability can be exploited remotely. Multiple Emerson Process Management RTUs including ROC800, DL8000, and ROC800L are prone to a remote security vulnerability. An attacker can exploit the issue to perform unauthorized actions. This may aid in further attacks. The following versions are affected: ROC800 3.50 and prior DL8000 2.30 and prior ROC800L 1.20 and prior. The three products ROC800, ROC800L, and DL8000 use ROC800 RTUs

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by leveraging knowledge of the ROM contents from a product installation elsewhere. Emerson Process Management Emerson Process Control is a company that includes process control, electrical and telecommunications, industrial automation, heat transfer, HVAC, and appliances and tools. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. The ROC800 ROM contains a built-in account that allows remote attackers to access the operating system command shell and control the ROC800 device. Multiple Emerson Process Management RTUs including ROC800, DL8000, and ROC800L are prone to a security-bypass vulnerability caused by hard-coded credentials. An attacker can leverage this issue to gain access to the vulnerable device. The following versions are affected: ROC800 3.50 and prior DL8000 2.30 and prior ROC800L 1.20 and prior. The three products ROC800, ROC800L, and DL8000 use ROC800 RTUs

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors. IBM WebSphere DataPower XC10 Appliance is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain potentially sensitive information. This may aid in further attacks. IBM WebSphere DataPower XC10 Appliance 2.0, 2.1, and 2.5 are vulnerable. The platform enables distributed caching of data with little to no change to existing applications. A remote attacker could exploit this vulnerability to gain administrator privileges

The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. The vulnerability is due to a problem with the processing of the packet sequence in the PPTP-ALG. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCue91963

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. Emerson Process Management Emerson Process Control is a company that includes process control, electrical and telecommunications, industrial automation, heat transfer, HVAC, and appliances and tools. The ROC800 RTU product is used to perform multiple PLC-like functions on the control device. The ROC800 RTU kernel contains a port for connecting to the debug tool. An attacker can change memory, registers, process state, and full control of the device. Emerson ROC800 Remote Terminal Units are prone to a remote code-execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code within the context of the affected device. Successful exploits will completely compromise the device. The following products are affected: ROC800 3.50 and prior DL8000 2.30 and prior ROC800L 1.20 and prior. The three products ROC800, ROC800L, and DL8000 use ROC800 RTUs

Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method. The HP 2620 switches are switch devices developed by HP. HP 2620 switch series are prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions. Other attacks are also possible. This series of switches supports IPV4/IPv6 static and RIP routing functions

The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772. Vendors have confirmed this vulnerability Bug ID CSCub13772 It is released as.Malformed by local user show-macstats It may be possible to get permission through parameters. Cisco Unified Computing System is prone to a local arbitrary command-execution vulnerability. A local attacker can exploit this issue to execute arbitrary commands with elevated privileges. Successful exploits may compromise the affected device. This issue being tracked by Cisco Bug ID CSCub13772. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. When PPTP packets are not processed correctly when converting packets on the NAT boundary, unauthenticated remote attackers can exploit the vulnerability to overload the device. An unauthenticated remote attacker can repeatedly send some legitimate PPTP packets to the target device. When the affected device handles malicious communication, the race condition can cause a backtracking or cause the device to terminate the operation incorrectly, resulting in a denial of service attack. The following devices are affected by this vulnerability: Cisco IOS 12.2 SXI 12.2(33) SXI7 | 12.2SXJ 12.2(33)SXJ1 | 12.2SY 12.2(50)SY3, 12.2(50)SY4 | 15.0M 15.0(1)M6, 15.0(1) M6a, 15.0(1)M7 | 15.0SY 15.0(1)SY | 15.1M 15.1(4)M1 | 15.1T 15.1(2)T4 | 15.1XB 15.1(4)XB5, 15.1(4)XB5a | 15.2GC 15.2( 1) GC, 15.2(1)GC1, 15.2(1)GC2 | 15.2T 15.2(1)T, 15.2(1)T1, 15.2(1)T2. This issue is being tracked by Cisco Bug ID CSCtq14817

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. Cisco Unified Computing System is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to cause denial-of-service conditions. This issue is tracked by Cisco Bug ID CSCtg48206. Cisco Unified Computing System (UCS) is a unified computing system of Cisco (Cisco). The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769. Vendors have confirmed this vulnerability Bug ID CSCtg20769 It is released as.A third party may use hard-coded password information to read or edit the file. Cisco Unified Computing System is prone to a security-bypass vulnerability. Exploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug ID CSCtg20769. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683. Vendors have confirmed this vulnerability Bug ID CSCtk00683 It is released as.Man-in-the-middle attacks (man-in-the-middle attack) By ID By impersonating, the data stream between devices may be read or altered. Cisco Unified Computing System is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks. This issue is being tracked by Cisco Bug ID CSCtk00683. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object. Motorola Defy XT - Republic Wireless is a smart phone customized for the operator Republic Wireless. Android is prone to a local security vulnerability. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). A local attacker could exploit this vulnerability to gain privileges by using the LocalSocket object

Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket. Motorola Defy XT - Republic Wireless is a smart phone customized for the operator Republic Wireless. Motorola Defy XT - Republic Wireless has a stack-based buffer overflow for the init sub_E110 function in Android 2.3.7. A local attacker can write a long string to the /dev/socket/init_runit socket to trigger the vulnerability. Permissions or a denial of service attack (memory corruption). Android is prone to a denial-of-service vulnerability. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA)

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. Vendors have confirmed this vulnerability Bug ID CSCuc81226 It is released as.By a third party MSDP Interfering with service operation by using peering relationship ( Device reload ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A security vulnerability exists in the Cisco IOS IPv6 Network Time Protocol (ntp) that unauthenticated remote attackers can exploit vulnerabilities to suspend or reload devices. The vulnerability is that the affected device incorrectly processes the special multicast NTP packet. The remote attacker can use the vulnerability to send the special packet to reload the device, causing a denial of service attack. Cisco IOS is prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug IDs CSCuc81226