VARIoT IoT vulnerabilities database

VAR-202302-0812 CVE-2022-34384 Permission management vulnerabilities in multiple Dell products
CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. Multiple Dell products contain a vulnerability in permission management. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202302-0830 CVE-2022-34387 Vulnerability in leaking resources to the wrong area in Dell SupportAssist for Home PCs and SupportAssist for Business PCs
CVSS V2: -
CVSS V3: 7.8
Severity: HIGH
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. A local authenticated malicious user could potentially exploit this vulnerability to elevate privileges and gain total control of the system. A denial-of-service (DoS) state may result.
VAR-202302-0821 CVE-2023-0782 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. ac23 firmware
CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640. An out-of-bounds write vulnerability exists in the firmware of the Shenzhen Tenda Technology Co.,Ltd. ac23. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The Tenda AC23 is a dual-band wireless router for home use launched by Tenda, designed for coverage in large homes and high-speed transmission. It supports 802.11ac Wave2 technology and has a maximum concurrent dual-band speed of 2033 Mbps. Detailed vulnerability information is currently unavailable.
VAR-202302-0637 CVE-2022-34389 Vulnerability in improperly limiting excessive authentication attempts in Dell SupportAssist
CVSS V2: -
CVSS V3: 5.3
Severity: MEDIUM
Dell SupportAssist contains a rate limit bypass issue in the screenmeet API third-party component. An unauthenticated attacker could potentially exploit this vulnerability and impersonate a legitimate Dell customer to a Dell support technician. Dell SupportAssist is vulnerable to improper restriction of excessive authentication attempts. Information may be obtained.
VAR-202302-0696 CVE-2022-34392 Session expiration vulnerability in SupportAssist for Home PCs
CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration vulnerability. An authenticated non-admin user can obtain the refresh token, which leads to reuse of the access token and the fetching of sensitive information.
VAR-202302-0638 CVE-2022-46678 Vulnerability in Wyse Management Suite
CVSS V2: -
CVSS V3: 4.9
Severity: MEDIUM
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. An authenticated malicious admin user can edit general client policy for which the user is not authorized.
VAR-202302-0724 CVE-2022-34385 Cryptographic strength vulnerabilities in SupportAssist for Home PCs and SupportAssist for Business PCs
CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
VAR-202302-0761 CVE-2022-34445 Vulnerability regarding insufficient protection of authentication information in Dell PowerScale OneFS
CVSS V2: -
CVSS V3: 6.0
Severity: MEDIUM
Dell PowerScale OneFS, versions 8.2.x through 9.3.x, contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS contains a vulnerability involving inadequate protection of credentials. Information may be obtained.
VAR-202302-0636 CVE-2022-34386 Vulnerability in using hard-coded credentials in Dell SupportAssist for Home PCs and SupportAssist for Business PCs
CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information.
VAR-202302-0652 CVE-2023-24352 Out-of-bounds write vulnerability in D-Link N300 WI-FI Router DIR-605L
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI Router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0738 CVE-2022-34366 Improper comparison vulnerability in Dell SupportAssist for Home PCs
CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Dell SupportAssist for Home PCs (version 3.11.2 and prior) contain an Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information. Dell SupportAssist for Home PCs contains an improper comparison vulnerability. Information may be obtained.
VAR-202302-0639 CVE-2023-24348 Out-of-bounds write vulnerability in D-Link N300 WI-FI Router DIR-605L
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI Router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0786 CVE-2023-24349 Out-of-bounds write vulnerability in D-Link N300 WI-FI Router DIR-605L
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI Router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0653 CVE-2023-24344 Out-of-bounds write vulnerability in D-Link N300 WI-FI router DIR-605L
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0882 CVE-2023-24573 Vulnerability in Dell Command | Monitor
CVSS V2: -
CVSS V3: 7.1
Severity: HIGH
Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability, leading to arbitrary folder deletion. An unspecified vulnerability exists in Dell Command | Monitor. Information may be tampered with, and service operation may be interrupted (DoS).
VAR-202302-0739 CVE-2023-24345 Out-of-bounds write vulnerability in D-Link N300 WI-FI router DIR-605L
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0704 CVE-2023-24350 Out-of-bounds write vulnerability in D-Link N300 WI-FI Router DIR-605L
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI Router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0702 CVE-2023-24343 Out-of-bounds write vulnerability in D-Link N300 WI-FI router DIR-605L
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0703 CVE-2023-24351 Out-of-bounds write vulnerability in D-Link N300 WI-FI Router DIR-605L
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI Router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.
VAR-202302-0815 CVE-2023-24347 Out-of-bounds write vulnerability in D-Link N300 WI-FI router DIR-605L
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. An out-of-bounds write vulnerability exists in the D-Link N300 WI-FI router DIR-605L. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-605L is a wireless router made by China D-Link Company. D-Link DIR-605L has a buffer overflow vulnerability, which can be exploited by attackers to cause remote code execution or service interruption.