Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202302-1965 CVE-2023-25231 Shenzhen Tenda Technology Co.,Ltd.  of  w30e  Out-of-bounds write vulnerability in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. Shenzhen Tenda Technology Co.,Ltd. of w30e An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-2489 No CVE Weak password vulnerability exists in TOTOLINK N300RH V4 CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
TOTOLINK N300RH V4 is a wireless router. There is a weak password vulnerability in TOTOLINK N300RH V4, which can be exploited by attackers to obtain sensitive information.
VAR-202302-2116 CVE-2023-23524 Resource exhaustion vulnerability in multiple Apple products CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. iPadOS , iOS , macOS A resource exhaustion vulnerability exists in multiple Apple products.Service operation interruption (DoS) It may be in a state. tvOS 16.3.2
VAR-202302-2074 CVE-2022-42833 apple's  macOS  Out-of-bounds read vulnerability in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. apple's macOS Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-2151 CVE-2022-46704 apple's  macOS  Vulnerability in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to modify protected parts of the file system. apple's macOS Exists in unspecified vulnerabilities.Information may be tampered with
VAR-202302-1962 CVE-2023-25233 Shenzhen Tenda Technology Co.,Ltd.  of  ac500  Out-of-bounds write vulnerability in firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. Shenzhen Tenda Technology Co.,Ltd. of ac500 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda AC500 is a Gigabit port access controller from China Tenda Company. The vulnerability originates from the fact that the entrys and mitInterface parameters of the fromRouteStatic function fail to correctly verify the length of user input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202302-2241 CVE-2022-48254 Huawei  of  leia-b29  Firmware vulnerabilities CVSS V2: 6.1
CVSS V3: 4.6
Severity: MEDIUM
There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication. Huawei of leia-b29 There are unspecified vulnerabilities in the firmware.Information may be obtained. Huawei Leia-B29 is a smart bracelet from the Chinese company Huawei
VAR-202302-2117 CVE-2022-48283 Huawei  of  hilink ai life  Vulnerability in privilege management in CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. Huawei of hilink ai life Exists in a permission management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1901 CVE-2022-48261 Huawei  of  bisheng-wnm  Interpretation conflict vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal. Huawei of bisheng-wnm An interpretation conflict vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Huawei BiSheng-WNM FW is a HUAWEI printer from the Chinese company Huawei
VAR-202302-2046 CVE-2022-48230 Huawei  of  bisheng-wnm  Interpretation conflict vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS. Huawei of bisheng-wnm An interpretation conflict vulnerability exists in firmware.Service operation interruption (DoS) It may be in a state. Huawei BiSheng-WNM FW is a HUAWEI printer from the Chinese company Huawei (Huawei). Huawei BiSheng-WNM FW version 3.0.0.325 has a denial of service vulnerability, which can be exploited by attackers to cause denial of service
VAR-202302-1999 CVE-2022-48305 Huawei  of  simba-al00  Firmware vulnerabilities CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. Huawei of simba-al00 There are unspecified vulnerabilities in the firmware.Information may be obtained
VAR-202302-1951 CVE-2022-46712 apple's  macOS  Vulnerability in using free memory in CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges. apple's macOS Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1898 CVE-2022-45140 plural  WAGO  Vulnerability related to lack of authentication for critical functions in the product CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise. 751-9301 firmware, 752-8303/8000-002 firmware, PFC100 firmware etc. WAGO The product contains a lack of authentication vulnerability for critical functionality.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1902 CVE-2022-48260 Huawei  of  bisheng-wnm  Classic buffer overflow vulnerability in firmware CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. Huawei of bisheng-wnm Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. Huawei BiSheng-WNM FW is a HUAWEI printer from the Chinese company Huawei
VAR-202302-2072 CVE-2023-26602 ASUSTeK Computer Inc.  of  ASMB8-iKVM  Command injection vulnerability in firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. ASUSTeK Computer Inc. of ASMB8-iKVM Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1868 CVE-2023-26037 ZoneMinder  In  SQL  Injection vulnerability CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33. ZoneMinder for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1867 CVE-2023-26034 ZoneMinder  In  SQL  Injection vulnerability CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The (blind) SQL Injection vulnerability is present within the `filter[Query][terms][0][attr]` query string parameter of the `/zm/index.php` endpoint. A user with the View or Edit permissions of Events may execute arbitrary SQL. The resulting impact can include unauthorized data access (and modification), authentication and/or authorization bypass, and remote code execution. ZoneMinder for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-2186 CVE-2023-26032 ZoneMinder  In  SQL  Injection vulnerability CVSS V2: -
CVSS V3: 8.1
Severity: HIGH
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL query to load the user. If an attacker could determine the HASH key used by ZoneMinder, they could generate a malicious JWT token and use it to execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.33. ZoneMinder for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202302-1997 CVE-2023-25825 ZoneMinder  Cross-site scripting vulnerability in CVSS V2: -
CVSS V3: 6.1
Severity: MEDIUM
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This is unescaped when viewing the logs in the web ui. This issue is patched in version 1.36.33
VAR-202302-1970 CVE-2023-26039 ZoneMinder  In  OS  Command injection vulnerability CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl() in (/web/api/app/Controller/HostController.php). Any authenticated user can construct an api command to execute any shell command as the web user. This issue is patched in versions 1.36.33 and 1.37.33. ZoneMinder for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state