VARIoT IoT vulnerabilities database

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC9 The firmware contains vulnerabilities related to the use of hard-coded passwords and vulnerabilities related to the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker could exploit this vulnerability to compromise confidentiality

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Corporation of DIR-816L The firmware contains a command injection vulnerability. (DoS) It may be in a state. The D-Link DIR-816L is a dual-band wireless router that supports 2.4GHz and 5GHz bands, with a maximum transmission rate of 450Mbps. This vulnerability stems from the fact that the `service` parameter in the file `/soap.cgi` fails to properly filter special characters and commands used in command construction. Detailed vulnerability information is not currently available

The NPort 5410 is an industrial-grade serial communication processor primarily used to connect traditional serial devices to a network for remote management and monitoring. The NPort 5410 from Mosa Technology (Shanghai) Co., Ltd. has an unauthorized access vulnerability that could allow attackers to obtain sensitive information.

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es). TP-LINK Technologies of TL-WR841N firmware, TL-WR841ND firmware, Archer C7 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. CivetWeb project of CivetWeb Exists in a stack-based buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state

A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Shenzhen Tenda Technology Co.,Ltd. of ac21 firmware and ac23 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Telesquare of TLR-2005KSH Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

The IICAM500GK is a webcam product. The IIST IICAM500GK has a weak password vulnerability that could allow attackers to log into the system and obtain sensitive information.

The RICOH M C251FW is an A4 color laser multifunction printer that supports Wi-Fi Direct and NFC. The RICOH M C251FW, manufactured by Ricoh (China) Investment Co., Ltd., has an unauthorized access vulnerability that could allow an attacker to obtain sensitive information and modify user passwords.

The SupOS industrial operating system, developed by LanZhuo Digital Technology Co., Ltd., directly addresses core manufacturing scenarios, addressing issues such as production equipment management, production control, production management, production safety, and business operations. It helps companies achieve the five key goals of safety, quality improvement, cost reduction, efficiency improvement, and environmental protection. LanZhuo Digital Technology Co., Ltd.'s SupOS industrial operating system contains an information leakage vulnerability that could be exploited by attackers to obtain sensitive information.

The e-STUDIO478S is a printer. Toshiba Corporation. The e-STUDIO478S has an unauthorized access vulnerability that could allow an attacker to obtain sensitive information.

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited. TOTOLINK of x2000r There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK X2000R is a WiFi 6 router released by China's TOTOLINK Electronics. It supports Gigabit networking and Easy Mesh functionality, enabling multi-device connectivity and wireless expansion. Detailed vulnerability details are currently unavailable

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a crafted UDP packet. Shenzhen Tenda Technology Co.,Ltd. of AC10 There is an input validation vulnerability in firmware.Information may be obtained. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for users with fiber optic connections of 200Mbps and above. Detailed vulnerability details are currently unavailable

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request. Shenzhen Tenda Technology Co.,Ltd. of AC10 Firmware contains an access control vulnerability.Information may be obtained. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for users with fiber optic connections of 200Mbps and above

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily targeting fiber optic users with speeds of 200 Mbps and above. The Tenda AC10 suffers from a stack buffer overflow vulnerability caused by the get_parentControl_list_Info function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Linksys of RE6250 Firmware and other products from multiple vendors have command injection vulnerabilities, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily targeting users with fiber optic connections of 200Mbps and above. This vulnerability stems from the failure of the security_5g parameter in the sub_46284C function to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler. Shenzhen Tenda Technology Co.,Ltd. of AC10 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC10 is a dual-band gigabit wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd., primarily for fiber optic users with speeds of 200 Mbps and above. This vulnerability stems from the failure of the Password parameter in the R7WebsSecurityHandler function to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header with an incorrect realm was received without a previous 401 response being sent, the get_authorization_header() function in res_pjsip_authenticator_digest will return a NULL. This wasn't being checked before attempting to get the digest algorithm from the header which causes a SEGV. This issue has been patched in versions 20.15.2, 21.10.2, and 22.5.2. There are no workarounds.

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17.