VARIoT IoT vulnerabilities database

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. D-Link Corporation of DIR-823X The firmware contains injection and command injection vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-823X is a wireless router from D-Link, a Chinese company. An attacker could exploit this vulnerability to execute arbitrary commands

A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi_main of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Corporation of DIR-852 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Corporation of DIR-852 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

The WAGO 750-881 is an Ethernet switch module primarily used in industrial automation control scenarios. It supports the TCP/IP protocol and is compatible with the 750 series devices. WAGO Electronics (Tianjin) Co., Ltd.'s WAGO 750-881 contains a weak password vulnerability, which attackers could exploit to obtain sensitive information.

The AC18 is a dual-band wireless router. The AC18 router developed by Shenzhen Jixiang Tengda Technology Co., Ltd. contains a denial-of-service vulnerability, which attackers can exploit to cause a denial-of-service attack.

The AC20 is a wireless router. The Tenda AC20 router, manufactured by Shenzhen Tenda Technology Co., Ltd., contains a denial-of-service vulnerability that attackers could exploit to cause a denial-of-service attack.

The WAGO 750-890 is a Modbus TCP controller suitable for industrial automation systems and supports the Modbus communication protocol. WAGO Electronics (Tianjin) Co., Ltd.'s WAGO 750-890 contains an unauthorized access vulnerability, which attackers could exploit to obtain sensitive information.

The Lexmark CX921de is a color laser printer designed for the commercial market. A vulnerability exists in the Lexmark International Inc. Lexmark CX921de printer that could be exploited by an attacker to obtain sensitive information.

The WAGO 750-891 is a fourth-generation Modbus TCP controller that supports Ethernet communication. WAGO 750-891 from WAGO Electronics (Tianjin) Co., Ltd. has a weak password vulnerability that attackers could exploit to obtain sensitive information.

The WAGO 750-889 is a PLC module that supports KNX IP and Modbus protocols and is suitable for building automation systems. WAGO Electronics (Tianjin) Co., Ltd.'s WAGO 750-889 has a weak password vulnerability that attackers could exploit to obtain sensitive information.

The A720R is a dual-band gigabit wireless router. The ZEON Electronics (Shenzhen) Co., Ltd. A720R model contains an unauthorized access vulnerability that attackers could exploit to obtain sensitive information.

The WAGO 750-841 is a fieldbus adapter in the WAGO-I/O-SYSTEM series, primarily used for data transmission and equipment control in industrial automation. WAGO Electronics (Tianjin) Co., Ltd.'s WAGO 750-841 contains an unauthorized access vulnerability, which attackers could exploit to obtain sensitive information.

The AC7 is a wireless router. The AC7 router developed by Shenzhen Jixiang Tengda Technology Co., Ltd. contains a binary vulnerability that attackers could exploit to cause a denial-of-service attack.

The WAGO 750-881 is an Ethernet switch module primarily used in industrial automation control scenarios. It supports the TCP/IP protocol and is compatible with the 750 series devices. WAGO Electronics (Tianjin) Co., Ltd.'s WAGO 750-881 contains an unauthorized access vulnerability, which attackers could exploit to obtain sensitive information.

The X18 is a wireless router manufactured by TOTOLINK, a Chinese company. The TOTOLINK X18 contains a binary vulnerability that attackers could exploit to gain server privileges.

The Canon MF220 Series is a 4-in-1 multifunction laser printer. Canon (China) Co., Ltd.'s Canon MF220 Series printer has a weak password vulnerability that attackers could exploit to obtain sensitive information.

The AC20 is a wireless router. The AC20 router developed by Shenzhen Jixiang Tengda Technology Co., Ltd. contains a denial-of-service vulnerability, which attackers can exploit to cause a denial-of-service attack.

The AC18 is a dual-band wireless router. The AC18 router developed by Shenzhen Jixiang Tengda Technology Co., Ltd. contains a binary vulnerability that attackers could exploit to cause a denial-of-service attack.

The AC21 is a router product. The AC21 router produced by Shenzhen Jixiang Tengda Technology Co., Ltd. contains a binary vulnerability that attackers could exploit to cause a denial-of-service attack.

The 750-880 is a third-generation programmable fieldbus controller with Ethernet communication, SD card expansion, and industrial protocol support capabilities, primarily used in industrial automation control. WAGO Electronics (Tianjin) Co., Ltd.'s 750-880 model contains an unauthorized access vulnerability, which attackers could exploit to obtain sensitive information.