VARIoT IoT vulnerabilities database
| VAR-202209-1991 | CVE-2022-40854 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC18 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. AC18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the fast_setting_wifi_set function not checking the size of the input data. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1836 | CVE-2022-40861 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC18 firmware |
CVSS V2: 6.5 CVSS V3: 7.2 Severity: HIGH |
Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. AC18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the formSetQosBand function not checking the size of the input data. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1521 | CVE-2022-23144 | Vulnerabilities in multiple ZTE products |
CVSS V2: 8.5 CVSS V3: 9.1 Severity: CRITICAL |
There is a broken access control vulnerability in the ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of the system. Unspecified vulnerabilities exist in ZTE products such as zxa10 b76hv3 firmware, zxa10 b766v2 firmware, zxa10 b800v2 firmware and others. Information may be tampered with, and service operation may be interrupted (DoS). ZTE ZXvSTB is a cloud-based set-top box from the Chinese company ZTE.
ZTE ZXvSTB has an authorization problem vulnerability.
| VAR-202209-1795 | CVE-2022-40867 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. W20E firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. W20E firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the formIPMacBindDel method not checking the size of the input data when handling the request /goform/delIpMacBind/. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1834 | CVE-2022-40869 | Out-of-bounds write vulnerability in Tenda AC15 firmware and AC18 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). An out-of-bounds write vulnerability exists in Tenda AC15 firmware and AC18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Both the Tenda AC15 and Tenda AC18 are products of the Chinese company Tenda. Tenda AC15 is a wireless router. Tenda AC18 is a router. The vulnerability is caused by the fromDhcpListClient method not checking the size of the input data supplied in the combined parameter list*. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1754 | CVE-2022-40865 | Out-of-bounds write vulnerability in Tenda AC15 firmware and AC18 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/. An out-of-bounds write vulnerability exists in Tenda AC15 firmware and AC18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Both the Tenda AC15 and Tenda AC18 are products of the Chinese company Tenda. Tenda AC15 is a wireless router. Tenda AC18 is a router. The vulnerability is caused by the setSchedWifi method not checking the size of the input data when handling the request /goform/openSchedWifi/. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1578 | CVE-2022-40853 | Out-of-bounds write vulnerability in Tenda AC15 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set. An out-of-bounds write vulnerability exists in Tenda AC15 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AC15 is a wireless router made by the Chinese company Tenda. The vulnerability is caused by the fast_setting_wifi_set function not checking the size of the input data in the list parameter. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1620 | CVE-2022-40862 | Out-of-bounds write vulnerability in Tenda AC15 firmware and AC18 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC15 and AC18 routers V15.03.05.19 contain a stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting. An out-of-bounds write vulnerability exists in Tenda AC15 firmware and AC18 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Both the Tenda AC15 and Tenda AC18 are products of the Chinese company Tenda. Tenda AC15 is a wireless router. Tenda AC18 is a router. The vulnerability is caused by the fromNatStaticSetting method not checking the size of the input data when handling the request /goform/NatStaticSetting. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1579 | CVE-2022-40855 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. W20E firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. W20E firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the formSetPortMapping method not checking the size of the input data when handling the POST request goform/setPortMapping/.
| VAR-202209-1675 | CVE-2022-40866 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. W20E firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. W20E firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the formSetDebugCfg method not checking the size of the input data when handling the request /goform/setDebugCfg/. Attackers can use the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1624 | CVE-2022-40851 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC15 firmware |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. AC15 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the fromAddressNat method not checking the size of the input data. Attackers can exploit the vulnerability to cause remote code execution or denial of service.
| VAR-202209-1605 | CVE-2022-32783 | Vulnerability in Apple macOS |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app may gain unauthorized access to Bluetooth. An unspecified vulnerability exists in Apple macOS. Information may be tampered with. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. A logic error vulnerability exists in Apple macOS Monterey.
| VAR-202209-1829 | CVE-2022-40100 | Command injection vulnerability in Shenzhen Tenda Technology Co.,Ltd. i9 firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function. Shenzhen Tenda Technology Co.,Ltd. (DoS) It may be in a state
| VAR-202209-2272 | No CVE | TOTOLINK A720R has multiple stack overflow vulnerabilities |
CVSS V2: 9.4 CVSS V3: - Severity: HIGH |
TOTOLINK A720R is a WIFI amplifier that can be used as a router.
TOTOLINK A720R has multiple stack overflow vulnerabilities, which can be exploited by attackers to cause stack overflow.
| VAR-202209-1894 | CVE-2022-37234 | Out-of-bounds write vulnerability in Netgear R7000 firmware |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy. An out-of-bounds write vulnerability exists in Netgear R7000 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202209-1585 | CVE-2022-31937 | Out-of-bounds write vulnerability in Netgear WNR2000v4 firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. An out-of-bounds write vulnerability exists in Netgear WNR2000v4 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202209-1849 | CVE-2022-40219 | Cross-site request forgery vulnerability in SedLex favicon-switcher for WordPress |
CVSS V2: - CVSS V3: 5.4 Severity: MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Switcher plugin <= 1.2.11 at WordPress allows plugin settings change
| VAR-202209-1643 | CVE-2022-3252 | Infinite loop vulnerability in Apple SwiftNIO Extras |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
Improper detection of complete HTTP body decompression. SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (HTTPRequestDecompressor and HTTPResponseDecompressor) both failed to detect when the decompressed body was considered complete. If trailing junk data was appended to the HTTP message body, the code would repeatedly attempt to decompress this data and fail. This would lead to an infinite loop making no forward progress, leading to livelock of the system and denial-of-service. This issue can be triggered by any attacker capable of sending a compressed HTTP message. Most commonly this is HTTP servers, as compressed HTTP messages cannot be negotiated for HTTP requests, but it is possible that users have configured decompression for HTTP requests as well. The attack is low effort, and likely to be reached without requiring any privilege or system access. The impact on availability is high: the process immediately becomes unavailable but does not immediately crash, meaning that it is possible for the process to remain in this state until an administrator intervenes or an automated circuit breaker fires. If left unchecked this issue will very slowly exhaust memory resources due to repeated buffer allocation, but the buffers are not written to and so it is possible that the processes will not terminate for quite some time. This risk can be mitigated by removing transparent HTTP message decompression. The issue is fixed by correctly detecting the termination of the compressed body as reported by zlib and refusing to decompress further data. The issue was found by Vojtech Rylko (https://github.com/vojtarylko) and reported publicly on GitHub. An infinite loop vulnerability exists in Apple SwiftNIO Extras. Service operation may be interrupted (DoS). The impact on availability is high: the..
| VAR-202209-1475 | CVE-2022-37395 | Input validation vulnerability in Huawei cv81-wdm fw firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks. Affected product versions include: CV81-WDM FW versions 01.70.49.29.46. Huawei CV81-WDM FW is a laser multifunctional printer produced by Huawei, China.
| VAR-202209-1493 | CVE-2022-41140 | Out-of-bounds write vulnerability in multiple D-Link routers |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lighttpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13796. Multiple D-Link routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).