VARIoT IoT vulnerabilities database
| VAR-202403-0576 | CVE-2024-2353 | OS command injection vulnerability in TOTOLINK X6000R firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.852_20230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256313 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK X6000R firmware contains an OS command injection vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS). TOTOLINK X6000R is a wireless router made by China Zeon Electronics (TOTOLINK) Company.
TOTOLINK X6000R version 9.4.0cu.852_20230719 has an operating system command injection vulnerability. This vulnerability originates from a security issue in the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi in the component shttpd, which causes operating system command injection by changing the parameter ip. No detailed vulnerability details are currently available
| VAR-202403-0574 | CVE-2023-48725 | Out-of-bounds write vulnerability in NETGEAR RAX30 firmware |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. NETGEAR RAX30 firmware contains an out-of-bounds write vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS). NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time. Attackers can use this vulnerability to submit special requests to crash the application or execute arbitrary code in the application context
| VAR-202403-2494 | CVE-2024-28095 | Cross-site scripting vulnerability in Schoolbox |
CVSS V2: 9.0 CVSS V3: 7.3 Severity: HIGH |
News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing an authenticated attacker to perform security actions in the context of the affected users. Schoolbox contains a cross-site scripting vulnerability. Information may be obtained and tampered with. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band).
The Tenda AC15 suffers from a stack buffer overflow vulnerability. This vulnerability stems from the failure to properly validate the length of input data in the firewallEn parameter of the formSetFirewallCfg method in the /goform/SetFirewallCfg page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
| VAR-202403-1815 | CVE-2024-20336 | Stack-based buffer overflow vulnerability in multiple Cisco Systems products |
CVSS V2: 7.7 CVSS V3: 6.5 Severity: MEDIUM |
A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. Multiple Cisco Systems products, including Cisco WAP121 firmware, Cisco WAP125 firmware, and Cisco WAP131 firmware, contain a stack-based buffer overflow vulnerability. Information may be obtained and tampered with. Cisco Small Business is a switch of Cisco
| VAR-202403-0372 | CVE-2024-1220 | Out-of-bounds write vulnerability in multiple Moxa Inc. products |
CVSS V2: 8.5 CVSS V3: 8.2 Severity: HIGH |
A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series firmware version 2.3 and prior allows a remote attacker to exploit the vulnerability by sending crafted payload to the web service. Successful exploitation of the vulnerability could result in denial of service. Moxa Inc. products, including NPort W2150A firmware, NPort W2250A firmware, and NPort W2150A-T firmware, contain an out-of-bounds write vulnerability. Service operation may be interrupted (DoS). MOXA NPort W2150A/W2250A is a series of wireless device networking servers from China's MOXA company
| VAR-202403-0160 | CVE-2024-2188 | Cross-site scripting vulnerability in TP-LINK Technologies Archer AX50 firmware |
CVSS V2: 4.6 CVSS V3: 6.1 Severity: MEDIUM |
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded. TP-LINK AX50 is a router device produced by China Pulian (TP-LINK) Company. This vulnerability stems from the application's lack of effective filtering and escaping of user-provided data
| VAR-202403-0393 | CVE-2024-27684 | Cross-site scripting vulnerability in D-Link Systems, Inc. GO-RT-AC750 firmware |
CVSS V2: 6.4 CVSS V3: 6.1 Severity: MEDIUM |
A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter. D-Link Systems, Inc. GO-RT-AC750 firmware contains a cross-site scripting vulnerability. Information may be obtained and tampered with. D-Link GO-RT-AC750 is a wireless dual-band simple router from China D-Link.
D-Link GO-RT-AC750 has a cross-site scripting vulnerability. This vulnerability stems from the lack of effective filtering and escaping of user-provided data in components such as dlapn.cgi and dldongle.cgi
| VAR-202403-0510 | CVE-2024-0156 | Classic buffer overflow vulnerability in Dell Digital Delivery |
CVSS V2: 6.0 CVSS V3: 7.0 Severity: HIGH |
Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. A denial-of-service (DoS) condition may result. Dell Digital Delivery is an application developed by the American Dell Company specifically for Dell computer equipment and used to purchase computer pre-installed software online. This vulnerability is caused by the program's failure to correctly verify the length of input data
| VAR-202403-0345 | CVE-2023-33066 | Out-of-bounds write vulnerability in multiple Qualcomm products |
CVSS V2: - CVSS V3: 8.4 Severity: HIGH |
Memory corruption in Audio while processing RT proxy port register driver. Several Qualcomm products, such as 315 5G IoT modem firmware, 9205 LTE modem firmware, and 9206 LTE modem firmware, contain an out-of-bounds write vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS)
| VAR-202403-0394 | No CVE | Beijing StarNet Ruijie Network Technology Co., Ltd. EG3210 has a command execution vulnerability (CNVD-2024-11054) |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
EG3210 is a multi-service security gateway.
There is a command execution vulnerability in the EG3210 of Beijing StarNet Ruijie Network Technology Co., Ltd. An attacker can use this vulnerability to gain control of the server.
| VAR-202403-0233 | CVE-2024-27497 | Access control vulnerability in Linksys E2000 firmware |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file. Linksys E2000 firmware contains an access control vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS)
| VAR-202403-0195 | CVE-2024-24907 | Cross-site scripting vulnerability in Dell Secure Connect Gateway |
CVSS V2: 6.7 CVSS V3: 7.6 Severity: HIGH |
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability in the Filters page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. Dell Secure Connect Gateway is a secure connection gateway from the American company Dell. No detailed vulnerability details are currently available
| VAR-202403-0113 | CVE-2024-24905 | Cross-site scripting vulnerability in Dell Secure Connect Gateway |
CVSS V2: 5.7 CVSS V3: 7.6 Severity: HIGH |
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. No detailed vulnerability details are currently provided
| VAR-202403-0239 | CVE-2024-24904 | Cross-site scripting vulnerability in Dell Secure Connect Gateway |
CVSS V2: 6.7 CVSS V3: 7.6 Severity: HIGH |
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. No detailed vulnerability details are currently provided
| VAR-202403-0280 | CVE-2024-24903 | Vulnerability related to password management function in Dell Secure Connect Gateway |
CVSS V2: - CVSS V3: 8.0 Severity: HIGH |
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change. A denial-of-service (DoS) condition may result
| VAR-202403-0112 | CVE-2024-24906 | Cross-site scripting vulnerability in Dell Secure Connect Gateway |
CVSS V2: 6.7 CVSS V3: 7.6 Severity: HIGH |
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain(s) a Stored Cross-Site Scripting Vulnerability in Policy page. An adjacent network high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. Dell Secure Connect Gateway is a secure connection gateway of Dell (Dell) in the United States. No detailed vulnerability details are currently provided
| VAR-202403-0456 | CVE-2024-24900 | Vulnerability in Dell Secure Connect Gateway |
CVSS V2: 6.2 CVSS V3: 5.8 Severity: MEDIUM |
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized devices added to policies. Exploitation may lead to information disclosure and unauthorized access to the system. Dell Secure Connect Gateway contains an unspecified vulnerability. Information may be obtained and tampered with. No detailed vulnerability details are currently provided
| VAR-202403-0458 | CVE-2024-22458 | Vulnerability in the use of cryptographic algorithms in Dell Secure Connect Gateway |
CVSS V2: 2.6 CVSS V3: 3.7 Severity: LOW |
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. No detailed vulnerability details are currently available
| VAR-202403-0198 | CVE-2024-22457 | Spoofing authentication evasion vulnerability in Dell Secure Connect Gateway |
CVSS V2: - CVSS V3: 7.1 Severity: HIGH |
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and communicating with the remote server. Dell Secure Connect Gateway contains a spoofing authentication evasion vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS)
| VAR-202403-0007 | CVE-2024-1941 | Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DPA files in the DOPSoft executable. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics CNCSoft-B is a CNC machine tool simulation system software from Delta Electronics, Taiwan, China. The vulnerability is caused by the program failing to correctly verify the length of the input data