VARIoT IoT vulnerabilities database

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with

Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file. F5 Networks of njs Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. F5 Networks of njs Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. The Tenda AC6 is a dual-band wireless router from Tenda, supporting both 2.4GHz and 5GHz bands and achieving a maximum transmission rate of 1167Mbps. An attacker could exploit this vulnerability to cause a denial of service

Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users. Apache Software Foundation of Apache James Exists in a vulnerability related to the lack of authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of firmware images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19703. TP-LINK Technologies of archer ax21 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application. 3CX multiple of OS for 3cx Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

TOTOLINK A950RG is a wireless router. TOTOLINK A950RG has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. TOTOLINK of A7100RU Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK A7100RU is a wireless router manufactured by the Chinese company TOTOLINK, primarily used for home network connections. An attacker could exploit this vulnerability to execute arbitrary commands

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. TOTOLINK of A7100RU Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK A7100RU is a wireless router manufactured by the Chinese company TOTOLINK, primarily used for home network connections. An attacker could exploit this vulnerability to execute arbitrary commands

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. TOTOLINK of A7100RU Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK A7100RU is a wireless router manufactured by the Chinese company TOTOLINK, primarily used for home network connections. An attacker could exploit this vulnerability to execute arbitrary commands

In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-256166866References: N/A. Google of Android Exists in a buffer error vulnerability.Information may be obtained. Google Pixel is a smart phone of Google (Google). Google Pixel has a buffer overflow vulnerability. The vulnerability is caused by a boundary error in the data processing in ConvertToHalMetadata of aidl_utils.cc. Attackers can use this vulnerability to obtain sensitive information

In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255305114. Google of Android Exists in an out-of-bounds read vulnerability.Information may be obtained. Google Pixel is a smart phone of Google (Google). Google Pixel has a buffer overflow vulnerability. The vulnerability is caused by a boundary error in data processing in btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc. Attackers can exploit this vulnerability to cause information disclosure

In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184847040. Google of Android Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). Google Pixel has an authorization problem vulnerability. The vulnerability stems from improper permission management in multiple functions of BackupHelper.java. Attackers can use this vulnerability to cause privilege escalation

In buildCommand of bluetooth_ccc.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238420277References: N/A. Google of Android Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). There is a logic error vulnerability in Google Pixel. Attackers can exploit this vulnerability to cause privilege escalation

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. TOTOLINK of cp900 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK CP900 is a wireless router produced by China Zeon Electronics (TOTOLINK). There is a command injection vulnerability in TOTOLINK CP900. The vulnerability stems from the failure of the setWebWlanIdx function to properly filter special characters, commands, etc. in constructing commands

In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259939364. Google of Android Exists in an out-of-bounds read vulnerability.Information may be obtained. Google Pixel is a smartphone of Google (Google). Google Pixel has a buffer overflow vulnerability. The vulnerability is caused by a boundary error in data processing in BtaAvCo::GetNextSourceDataPacket of bta_av_co.cc. Attackers can exploit this vulnerability to cause information disclosure

Shenzhen Tenda Technology Co.,Ltd. of AX3 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda AX3 is a dual-band gigabit wireless router for home use, launched by Tenda Technology. It supports the Wi-Fi 6 (802.11ax) standard and emphasizes high-performance network coverage and stable connections. The Tenda AX3 contains a buffer overflow vulnerability. This vulnerability stems from a boundary error in `/goform/SetFirewallCfg` when processing untrusted input. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial-of-service attack

In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568750. Google of Android Exists in an out-of-bounds read vulnerability.Information may be obtained. Google Pixel is a smartphone of Google (Google). Google Pixel has a buffer overflow vulnerability. The vulnerability is caused by a boundary error in data processing in on_iso_link_quality_read of btm_iso_impl.h. Attackers can exploit this vulnerability to cause information disclosure