VARIoT IoT vulnerabilities database

Xerox Corporation is a long-established American multinational company, originally known for its copier technology, and has now transformed into a digital and document solution provider, with businesses covering printers, scanners, digital printing systems, and document management services. Many products of Xerox Corporation have unauthorized access vulnerabilities, which attackers can exploit to obtain sensitive information.

Fujifilm Xerox(R) C230 Color Printer is a color laser printer, mainly used for printing needs in office environments. Fujifilm (China) Investment Co., Ltd. Fujifilm Xerox(R) C230 Color Printer has a denial of service vulnerability, and attackers can exploit the vulnerability to cause printer service interruption.

H3C Magic NX15000 10G Wi-Fi 6 Router is a high-end router for users and groups who pursue full-house coverage and high-quality networks. H3C Magic NX15000 10G Wi-Fi 6 Router of H3C Technologies Co., Ltd. has a command execution vulnerability. Attackers can use the vulnerability to inject malicious code and obtain server permissions.

ZT199 is a mobile phone. ZTE Corporation's ZT199 has a weak password vulnerability, which can be exploited by attackers to log in to the system and obtain sensitive information.

SAMSUNG is a multinational company from South Korea, with businesses in electronics, finance, machinery, chemistry and many other fields. SAMSUNG SL-M38230ND has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.

H3C Magic NX15000 is a 10G Wi-Fi 6 router. H3C Magic NX15000 of H3C Technologies Co., Ltd. has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the Platinum Host Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM

Suzhou Keda Technology Co., Ltd. is a leading provider of video and security products and solutions. There is a logic defect vulnerability in the MSS streaming media server of Suzhou Keda Technology Co., Ltd., which can be exploited by attackers to illegally create new user accounts and elevate permissions when logging in.

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint. Shenzhen Tenda Technology Co.,Ltd. of AC6 Firmware has a classic buffer overflow vulnerability.Information may be obtained. The vulnerability is caused by the failure of the schedStartTime and schedEndTime parameters in the /goform/openSchedWifi endpoint to correctly verify the length of the input data. No detailed vulnerability details are currently provided

Sony XAV-AX8500 Bluetooth Packet Handling Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Bluetooth packets. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the elysian-bt-service process. Was ZDI-CAN-26283. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions

Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ble_process_esp32_msg function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26369. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company. The vulnerability is caused by the ble_process_esp32_msg function failing to properly verify the length of the input data

Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain a low-privileged authorization token in order to exploit this vulnerability. The specific flaw exists within the implementation of the Autel Technician API. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-26325. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company

Sony XAV-AX8500 Bluetooth Improper Isolation Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of ACL-U links. The issue results from the lack of L2CAP channel isolation. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26284. Sony Corporation's XAV-AX8500 The firmware contains a containment or classification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions

Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth SDP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26288. Sony Corporation's XAV-AX8500 An integer overflow vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions. SONY XAV-AX8500 has an input validation error vulnerability

Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a firmware image before using it to perform an upgrade. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26354. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company

Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth L2CAP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the elysian-bt-service process. Was ZDI-CAN-26286. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions

Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Pile API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose credentials, leading to further compromise. Was ZDI-CAN-26352. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of USB frame packets. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26328. Autel MaxiCharger AC Wallbox Commercial is a smart AI electric vehicle charger from Autel, a US company. The vulnerability is caused by the USB frame packet failing to correctly verify the length of the input data

Sony XAV-AX8500 Bluetooth AVCTP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth AVCTP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26290. (DoS) It may be in a state. SONY XAV-AX8500 is a car AV receiver with enhanced functions