VARIoT IoT vulnerabilities database

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so. TOTOLINK of a950rg An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A950RG is a super-generation Giga wireless router from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers produced by China's TOTOLINK Electronics. The vulnerability is caused by the failure of the priority parameter of the setMacQos interface in /lib/cste_modules/firewall.so to correctly verify the length of the input data. No detailed vulnerability details are currently provided

TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers from China's TOTOLINK Electronics. The vulnerability is caused by the failure of the urlKeyword parameter in setParentalRules to properly verify the length of the input data. No detailed vulnerability details are currently provided

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers from China's TOTOLINK Electronics. The vulnerability is caused by the comment parameter in setMacFilterRules failing to properly verify the length of the input data. No detailed vulnerability details are currently provided

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to crash the application or execute arbitrary code in the context of the application

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid5g parameter in the setWiFiEasyGuestCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid parameter in the setWiFiBasicCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid parameter in the setWiFiGuestCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid5g parameter in the setWiFiEasyCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the text parameter in the setSmsCfg function failing to correctly verify the length of the input data. No detailed vulnerability details are currently provided

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. Shenzhen Tenda Technology Co.,Ltd. of fh451 A stack-based buffer overflow vulnerability exists in the firmware.Information may be obtained and information may be tampered with. No detailed vulnerability details are currently provided

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product contains a path traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA. SonicWall SMA100 has a path traversal vulnerability. Attackers can exploit this vulnerability to make any directory writable

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product has a vulnerability related to externally accessible files or directories.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA

An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers

An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers

An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers

An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net contains a heap-based buffer overflow vulnerability and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. RT-Labs of P-Net contains a heap-based buffer overflow vulnerability and an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that implements standard communication between industrial devices and PROFINET controllers