VARIoT IoT vulnerabilities database
| VAR-202301-0230 | CVE-2022-33285 | plural Qualcomm Product out-of-bounds read vulnerability |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. plural Qualcomm The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202301-0205 | CVE-2022-33286 | plural Qualcomm Product out-of-bounds read vulnerability |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. plural Qualcomm The product contains an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202301-0235 | CVE-2022-33266 | plural Qualcomm Buffer error vulnerability in the product |
CVSS V2: - CVSS V3: 5.9 Severity: MEDIUM |
Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. plural Qualcomm The product contains a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202301-0175 | CVE-2022-35845 | FortiTester In OS Command injection vulnerability |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell. FortiTester for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202301-0415 | CVE-2022-39947 | FortiADC In OS Command injection vulnerability |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests. FortiADC for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202301-0176 | CVE-2022-41336 | FortiPortal Cross-site scripting vulnerability in |
CVSS V2: - CVSS V3: 4.8 Severity: MEDIUM |
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal versions 6.0.0 through 6.0.11 and all versions of 5.3, 5.2, 5.1, 5.0 management interface may allow a remote authenticated attacker to perform a stored cross site scripting (XSS) attack via sending request with specially crafted columnindex parameter. FortiPortal Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202301-0387 | CVE-2022-42471 | FortiWeb Vulnerability in |
CVSS V2: - CVSS V3: 5.4 Severity: MEDIUM |
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary headers. FortiWeb Exists in unspecified vulnerabilities.Information may be obtained and information may be tampered with
| VAR-202301-0097 | CVE-2022-41645 | Made by Fuji Electric V-Server Multiple vulnerabilities in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Out-of-bounds read vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. Provided by Fuji Electric Co., Ltd. V-Server contains multiple vulnerabilities: * Stack-based buffer overflow (( CWE-121 ) - CVE-2022-47908 It was * Out-of-bounds read (( CWE-125 ) - CVE-2022-41645 It was * Out-of-bounds writing (( CWE-787 ) - CVE-2022-47317 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Fuji Electric V-Server is software for collecting and managing real-time field data.
An out-of-bounds read vulnerability exists in Fuji Electric V-Server
| VAR-202301-0096 | CVE-2022-47908 | Made by Fuji Electric V-Server Multiple vulnerabilities in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. Provided by Fuji Electric Co., Ltd. V-Server contains multiple vulnerabilities: * Stack-based buffer overflow (( CWE-121 ) - CVE-2022-47908 It was * Out-of-bounds read (( CWE-125 ) - CVE-2022-41645 It was * Out-of-bounds writing (( CWE-787 ) - CVE-2022-47317 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Fuji Electric V-Server is software for collecting and managing real-time field data.
Fuji Electric V-Server contains a buffer overflow vulnerability
| VAR-202301-0098 | CVE-2022-47317 | Made by Fuji Electric V-Server Multiple vulnerabilities in |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
Out-of-bounds write vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. Provided by Fuji Electric Co., Ltd. V-Server contains multiple vulnerabilities: * Stack-based buffer overflow (( CWE-121 ) - CVE-2022-47908 It was * Out-of-bounds read (( CWE-125 ) - CVE-2022-41645 It was * Out-of-bounds writing (( CWE-787 ) - CVE-2022-47317 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Fuji Electric V-Server is software for collecting and managing real-time field data
| VAR-202301-0089 | CVE-2015-10011 | OpenDNS OpenResolve Encoding and escaping vulnerabilities in |
CVSS V2: 4.1 CVSS V3: 4.6 Severity: MEDIUM |
A vulnerability classified as problematic has been found in OpenDNS OpenResolve. This affects an unknown part of the file resolverapi/endpoints.py. The manipulation leads to improper output neutralization for logs. The identifier of the patch is 9eba6ba5abd89d0e36a008921eb307fcef8c5311. It is recommended to apply a patch to fix this issue. The identifier VDB-217197 was assigned to this vulnerability. OpenDNS OpenResolve Exists in encoding and escaping vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202301-0108 | CVE-2015-10010 | OpenDNS OpenResolve Cross-site scripting vulnerability in |
CVSS V2: 2.6 CVSS V3: 3.1 Severity: LOW |
A vulnerability was found in OpenDNS OpenResolve. It has been rated as problematic. Affected by this issue is the function get of the file resolverapi/endpoints.py of the component API. The manipulation leads to cross site scripting. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The name of the patch is c680170d5583cd9342fe1af43001fe8b2b8004dd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217196. OpenDNS OpenResolve Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202301-0102 | CVE-2021-41823 | Web Application Firewall Cross-site scripting vulnerability in |
CVSS V2: - CVSS V3: 6.1 Severity: MEDIUM |
The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism. Web Application Firewall (WAF) Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
| VAR-202212-2426 | CVE-2017-20156 | Exciting Printer Command injection vulnerability in |
CVSS V2: 5.2 CVSS V3: 5.5 Severity: MEDIUM |
A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The patch is named 5f8c715d6e2cc000f621a6833f0a86a673462136. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217139. Exciting Printer Contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Explore the possibilities of IoT printing
| VAR-202212-2435 | CVE-2022-47123 | Tenda A15 Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. Tenda A15 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda A15 is a WiFi extender from the Chinese company Tenda. The vulnerability stems from the fact that the wepkey3 parameter of /goform/WifiBasicSet lacks a length check on the input data. Attackers can use this vulnerability to execute arbitrary code on the system
| VAR-202212-2358 | CVE-2022-47122 | Tenda A15 Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd_5g parameter at /goform/WifiBasicSet. Tenda A15 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda A15 is a WiFi extender from Chinese company Tenda. By sending an overly long string with the wrlPwd_5g parameter, a remote attacker could exploit this vulnerability to execute arbitrary code on the system
| VAR-202212-2591 | CVE-2022-46600 | TRENDnet TEW755AP Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_24g function. TRENDnet TEW755AP Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TEW-755AP is a router produced by TRENDnet.
There is a stack overflow vulnerability in TRENDnet TEW-755AP. The vulnerability is due to the fact that the wps_sta_enrollee_pin parameter in the set_sta_enrollee_pin_24g function lacks a size check for the input data. Attackers can use this vulnerability to execute arbitrary code on the system
| VAR-202212-2320 | CVE-2022-47119 | Tenda A15 Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. Tenda A15 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda A15 is a WiFi extender from Chinese company Tenda. The vulnerability stems from the fact that the ssid parameter of /goform/WifiBasicSet lacks a length check on the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system
| VAR-202212-2590 | CVE-2022-46585 | TRENDnet TEW755AP Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function. TRENDnet TEW755AP Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TEW-755AP is a router produced by TRENDnet. The vulnerability is due to the lack of size check of the input data in the REMOTE_USER parameter in the get_access (sub_45AC2C) function. Attackers can use this vulnerability to execute arbitrary code on the system
| VAR-202212-2322 | CVE-2022-46598 | TRENDnet TEW755AP Out-of-bounds write vulnerability in |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_5g function. TRENDnet TEW755AP Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TEW-755AP is a router produced by TRENDnet. The vulnerability stems from the fact that the wps_sta_enrollee_pin parameter in the set_sta_enrollee_pin_5g function fails to properly filter special characters and commands for constructing commands. An attacker could exploit this vulnerability to execute arbitrary commands on the system