VARIoT IoT vulnerabilities database

A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this issue is the function formWifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263084. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i21 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter index of the function formWifiMacFilterGet failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263083. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i21 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter pingHostIp2 of the file /goform/setUplinkInfo failing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263082 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i21 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the failure of the parameter ping1/ping2 of the function formSetAutoPing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). This issue affects the function formOfflineSet of the file /goform/setStaOffline. The manipulation of the argument GO/ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263081 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i21 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter GO/ssidIndex of the file/goform/setStaOffline failing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability affects the function formGetDiagnoseInfo. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263080. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i21 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the parameter cmdinput of the function formGetDiagnoseInfo failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint. (DoS) It may be in a state. Linksys E5600 is a powerful, compact and reliable WiFi 5 router from Linksys of the United States. Attackers can exploit this vulnerability to cause arbitrary command execution

The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE. Parrot of ANAFI There are unspecified vulnerabilities in the firmware.Service operation interruption (DoS) It may be in a state

Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten. Delta Electronics, INC. of DIAEnergie Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. Delta Electronics, INC. of DIAEnergie for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Apache APISIX when using `forward-auth` plugin.This issue affects Apache APISIX: from 3.8.0, 3.9.0. Users are recommended to upgrade to version 3.8.1, 3.9.1 or higher, which fixes the issue. Apache Software Foundation of APISIX for, HTTP There is a vulnerability related to request smuggling.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

EG2000UE is a gateway product. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000UE has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.

A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to cause the affected device to reload. Cisco IP Phone is a hardware device of Cisco, an IP phone that provides calling functions

Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the overflow. TOTOLINK of A3002R Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability. Milesight Technology of ur32l The firmware contains an authorization vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function. Shenzhen Tenda Technology Co.,Ltd. of AC18 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to remotely execute arbitrary code and control the affected device

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware. RTU500 is a series of industrial control components of Hitachi, Japan, mainly used in industrial control systems. Hitachi Energy RTU500 series CMU Firmware has a security vulnerability that can be exploited by attackers to bypass security updates

modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file (executed on every page load). Vtiger of Vtiger CRM There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers to cause a Denial of Service (DoS) via a crafted input. D-Link Systems, Inc. of DIR-823G The firmware has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state

A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of A301 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present

A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-262143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of i22 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present