VARIoT IoT vulnerabilities database

D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control. D-Link Systems, Inc. of DSL-2730u firmware and DSL-2750U There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information. Advantech R-SeeNet is an industrial monitoring software from China's Advantech Company. Advantech R-SeeNet has an information disclosure vulnerability that allows an attacker to obtain login credentials and default SNMP community strings from the snmpmon.ini file and use this information to launch further attacks on the affected system

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in to Cisco Catalyst SD-WAN Manager and issuing crafted requests using the web UI. A successful exploit could allow the attacker to obtain arbitrary files from the underlying Linux file system of an affected system. To exploit this vulnerability, the attacker must be an authenticated user. Cisco Systems Cisco Catalyst SD-WAN Manager Exists in unspecified vulnerabilities.Information may be obtained

Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue. This vulnerability is caused by an HTTP/2 frame format error and is vulnerable to HTTP/2 and s3 authentication plug-in attacks. An attacker could exploit this vulnerability to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5549-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : trafficserver CVE ID : CVE-2022-47185 CVE-2023-33934 CVE-2023-39456 CVE-2023-41752 CVE-2023-44487 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or information disclosure. For the oldstable distribution (bullseye), these problems have been fixed in version 8.1.9+ds-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 9.2.3+ds-1+deb12u1. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmVH8qoACgkQEMKTtsN8 TjbxOhAAkZMjvXgCcE1d9hO03bcOOVEU8dm3D7POoeIVqmZlgHRH6Q7xh1E3ER+C dl2Nix0Y+8KiCP9JjL6K9yzNcMpmeQ1M6QYD8HJxyj/ihVpWv+SMrdelVyYG5BPM ClWLHzNk6oQm3fMWE//EXm6vxoXOust61gTjhjozV7D1VvWYvLdDt/w59I+wHHc2 XIJ9gVakNvVrmdB2ItEwrYmPrRA6uECB3ag3xP4Wh1H9SkwVgcbBW6ZrgmPAjVQO UTxdCYJuoWkYavr6bolxUG833DfnJRPk9mZJVCdvX4FJnNI6Mp/XGWQ0KNx8K2Xj u6bG//dTJ948q0i5c4thWlCuKkalpZAJ3KxcFyZo6Io1QjCaSN49Rj1agCuiJp4r nmbh0GAlebvOypuiOZieJEEbTIhJpgF1hCLS2jy/Eo8qLP7Iodvr2US7JNwVEirj v0GZx9w9uyFYKfNgRDlJDdaJsmi+2YfbXO4uxp8rFNUY3acL/P8mTsMJohiWjNuH q+/hY7egr7igRPSe+zl2m/tpx1zlPxH761qMqdTVNwztE4t09vW4crPrQ8siwmC1 0HCyGef7R8eNqlODCwpeG1wC+DXHzx00FWUG1r24lNGf7koFnsuALJBPGRptbHqm v6z+piRi8deQNb1vCsQXBzsXjVrK+i/MAAjNixnvTJ9BnVh2ZPY= =gKYQ -----END PGP SIGNATURE-----

D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php. D-Link Systems, Inc. of dar-7000 The firmware has SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can use this vulnerability to execute illegal SQL commands and steal sensitive data from the database

D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php. D-Link Systems, Inc. of dar-7000 The firmware has SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute illegal SQL commands and steal sensitive data from the database

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected. WAGO The following vulnerabilities exist in multiple products provided by . * Externally controllable reference to another region resource (CWE-610) - CVE-2023-4089If the vulnerability is exploited, it may be affected as follows

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. TOTOLINK of X5000R firmware and a7000r An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. TOTOLINK X5000R is a router. TOTOLINK A7000R is a wireless router

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. TOTOLINK of X5000R firmware and a7000r An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK X5000R is a router. TOTOLINK A7000R is a wireless router. TOTOLINK X5000R and A7000R setLanguageCfg function stack overflow vulnerability, attackers can exploit this vulnerability to cause buffer overflow and execute arbitrary code on the system

D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. D-Link Systems, Inc. of DIR-820L Firmware contains unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. D-Link Systems, Inc. of DIR-820L The firmware contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. TOTOLINK of X5000R firmware and a7000r An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK X5000R is a router. TOTOLINK A7000R is a wireless router. There is a buffer overflow vulnerability in TOTOLINK X5000R and A7000R. The vulnerability is caused by the http_host parameter in the loginAuth function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule. TOTOLINK of X5000R firmware and a7000r An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK X5000R is a router. TOTOLINK A7000R is a wireless router. An attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an unauthorized actor vulnerability that could leak user credentials. Advantech Provided by the company WebAccess The following vulnerabilities exist in. It was * information leak (CWE-200) - CVE-2023-4215If the vulnerability is exploited, it may be affected as follows. It was * When configuring or changing your account information on that device; Cloud Agent Debug User credentials are stolen using the service. Advantech WebAccess is a set of browser-based HMI/SCADA software from Advantech, a Chinese company. The software supports dynamic graphic display and real-time data control, and provides the function of remote control and management of automation equipment

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0 through 4.0.3, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox 2.5 all versions, FortiSandbox 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet's FortiSandbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0, FortiSandbox 4.2.1 through 4.2.4, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0.4 through 3.0.7 allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet's FortiSandbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0 through 4.0.3, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox 2.5 all versions, FortiSandbox 2.4 all versions allows attacker to denial of service via crafted http requests. fortinet's FortiSandbox Exists in a past traversal vulnerability.Service operation interruption (DoS) It may be in a state

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0 through 4.0.3, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox 2.5 all versions, FortiSandbox 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet's FortiSandbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

A improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.1, FortiSandbox 4.2.1 through 4.2.5, FortiSandbox 4.0.0 through 4.0.3, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox 2.5 all versions, FortiSandbox 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests. fortinet's FortiSandbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with