VARIoT IoT vulnerabilities database
| VAR-202211-1571 | CVE-2022-35407 | Insyde InsydeH2O Buffer error vulnerability |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O
| VAR-202211-1634 | CVE-2022-39070 | ZTE ZXA10 C3XX Access Control Error Vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation. ZTE ZXA10 C3XX is a series of optical access and convergence equipment with EPON/GPON functions produced by China ZTE Corporation (ZTE)
| VAR-202211-1501 | CVE-2022-40602 | ZyXEL of lte3301-m209 Vulnerability related to use of hardcoded credentials in firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A flaw in the Zyxel LTE3301-M209 firmware versions prior to V1.00(ABLG.6)C0 could allow a remote attacker to access the device using an improper pre-configured password if the remote administration feature has been enabled by an authenticated administrator. The Zyxel LTE3301-M209 firmware contains a vulnerability related to the use of hardcoded credentials. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Zyxel LTE3301-M209 is a wireless router made by China Zyxel.
There is an access control error vulnerability in Zyxel LTE3301-M209 V1.00(ABLG.6)C0 and earlier versions, which is caused by incorrect access control
| VAR-202211-1617 | CVE-2022-44191 | NETGEAR R7000P KEY1/KEY2 Buffer Overflow Vulnerability |
CVSS V2: 9.0 CVSS V3: 9.8 Severity: CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2. NETGEAR R7000P is a wireless router made by NETGEAR. The vulnerability is due to the lack of length verification of the input data for the KEY1 and KEY2 parameters. Attackers can use this vulnerability to initiate denial of service or remote code execution
| VAR-202211-1389 | CVE-2022-0222 | Schneider Electric Product Authorization Issue Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs (BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU (BMXNOE* all versions) (BMXNOR* versions prior to v1.7 IR24). Schneider Electric Modicon M340 is a medium-range PLC (programmable logic controller) for industrial processes and infrastructures from Schneider Electric, France.
Schneider Electric products have an authorization problem vulnerability. This vulnerability stems from improper authority management
| VAR-202211-1601 | CVE-2022-44804 | D-Link DIR-882 websRedirect function buffer overflow vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-882 1.10B02 and 1.20B06 are vulnerable to Buffer Overflow via the websRedirect function. D-Link DIR-882 is a wireless router made by China D-Link Company. The vulnerability is due to the lack of length verification of the input data in the websRedirect function. Attackers can exploit the vulnerability to cause denial of service or remote code execution
| VAR-202211-1616 | CVE-2022-44193 | NETGEAR R7000P Buffer Overflow Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute, endhour, and endminute. NETGEAR R7000P is a wireless router made by NETGEAR. No detailed vulnerability details are currently available
| VAR-202211-1651 | CVE-2022-44188 | NETGEAR R7000P Buffer Overflow Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering. The NETGEAR R7000P is a dual-band router from Netgear's Nighthawk series, optimized for gaming, streaming, and mobile devices. No detailed vulnerability details are available at this time
| VAR-202211-1570 | CVE-2022-41223 | Mitel Networks Corporation of MiVoice Connect Code injection vulnerability in |
CVSS V2: - CVSS V3: 6.8 Severity: MEDIUM |
The Director database component of MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker to conduct a code-injection attack via crafted data due to insufficient restrictions on the database data type. Mitel Networks Corporation's MiVoice Connect contains a code injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS)
| VAR-202211-1345 | CVE-2022-43636 | TP-LINK TL-WR940N Security Feature Vulnerability |
CVSS V2: 8.3 CVSS V3: 7.5 Severity: HIGH |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequence numbers used for session management. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18334. The TP-LINK Technologies TL-WR940N firmware contains a vulnerability related to the use of insufficiently random values. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TP-LINK TL-WR940N is a wireless router made by TP-LINK in China
| VAR-202211-1361 | CVE-2022-44176 | Tenda AC18 SetRouteStatic function buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. The Tenda AC18 is a dual-band wireless router launched in July 2016 by Shenzhen Jixiang Tenda Technology Co., Ltd., primarily targeting villa and large-apartment users. Detailed vulnerability information is not currently available
| VAR-202211-1392 | CVE-2022-3388 | ABB MicroSCADA Pro SYS600 Code Execution Vulnerability |
CVSS V2: 7.2 CVSS V3: 8.8 Severity: HIGH |
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role. ABB MicroSCADA Pro SYS600 is a set of monitoring and data acquisition software from ABB in Switzerland. The software is mainly used in substation automation, SCADA electrical, power distribution management applications and industrial power management etc. An attacker could exploit this vulnerability to execute code remotely
| VAR-202211-1367 | CVE-2022-44158 | Tenda AC21 set_device_name function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function set_device_name. Tenda AC21 is a wireless router made by China Tenda Company. The vulnerability stems from the fact that its set_device_name function does not check the length of the input data. Attackers can exploit the vulnerability to cause denial of service
| VAR-202211-1323 | CVE-2022-44174 | Tenda AC18 formSetDeviceName function buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName. The Tenda AC18 is a dual-band wireless router launched in July 2016 by Shenzhen Jixiang Tenda Technology Co., Ltd., primarily targeting villa and large-apartment users. Detailed vulnerability information is not currently available
| VAR-202211-1419 | CVE-2022-44167 | Tenda AC15 formSetPPTPServer function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetPPTPServer. Tenda AC15 is a wireless router made by China Tenda Company. The vulnerability is due to the fact that its formSetPPTPServer function does not check the length of the input data. Attackers can use the vulnerability to launch a denial of service attack
| VAR-202211-1523 | CVE-2022-44168 | Tenda AC15 fromSetRouteStatic function buffer overflow vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic. Tenda AC15 is a wireless router made by China Tenda Company. The vulnerability is caused by the fact that the fromSetRouteStatic function does not check the length of the input data. Attackers can use the vulnerability to launch a denial of service attack
| VAR-202211-1423 | CVE-2022-44156 | Tenda AC15 formSetIpMacBind function buffer overflow vulnerability |
CVSS V2: 7.5 CVSS V3: 7.5 Severity: HIGH |
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. Tenda AC15 is a wireless router made by China Tenda Company. The vulnerability comes from the fact that its formSetIpMacBind function does not check the length of the input data. Attackers can use the vulnerability to launch a denial of service attack
| VAR-202211-1363 | CVE-2022-44180 | Tenda AC18 addWifiMacFilter function buffer overflow vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. Tenda AC18 is a router made by Chinese company Tenda. The vulnerability is caused by the fact that the addWifiMacFilter function does not check the length of the input data. Attackers can exploit the vulnerability to cause denial of service
| VAR-202211-1330 | CVE-2022-34449 | PowerPath Management Appliance Vulnerability in using hard-coded credentials in |
CVSS V2: - CVSS V3: 6.0 Severity: MEDIUM |
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue to view and modify sensitive information stored in the application
| VAR-202211-1324 | CVE-2022-34446 | PowerPath Management Appliance Vulnerability in |
CVSS V2: - CVSS V3: 8.1 Severity: HIGH |
PowerPath Management Appliance with versions 3.3 & 3.2* contains an Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue to gain access to sensitive information and modify the configuration. PowerPath Management Appliance contains an unspecified vulnerability. Information may be obtained and tampered with