VARIoT IoT vulnerabilities database


VAR-202504-2061 No CVE HPE OfficeConnect Switch 1820 48G PoE+ (370W) J9984A of Hewlett Packard Enterprise (China) Co., Ltd. has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
HPE (China) Co., Ltd. is a company mainly engaged in the research and development, production and manufacturing of computer hardware, software and its peripherals, and operates related electronic products. HPE OfficeConnect Switch 1820 48G PoE+ (370W) J9984A of HPE (China) Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-2263 No CVE Wuxi Xinjie Electric Co., Ltd. Xinjie XS3-26T4 PLC has industrial control equipment vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Wuxi Xinjie Electric Co., Ltd. is a listed company that focuses on the research and development and application of industrial automation products. Wuxi Xinjie Electric Co., Ltd. Xinjie XS3-26T4 PLC has an industrial control equipment vulnerability, which can be exploited by attackers to cause denial of service.
VAR-202504-2060 No CVE ZAVIO F531E and ZAVIO F511W have an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
ZAVIO F531 and ZAVIO F511W have an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
VAR-202504-1235 No CVE Ricoh (China) Investment Co., Ltd. SP C261SFNw has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
SP C261SFNw is a color laser multifunction printer launched by Ricoh. Ricoh (China) Investment Co., Ltd. SP C261SFNw has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-1635 No CVE Brother (China) Commercial Co., Ltd. DCP-1610W series has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The DCP-1610W series is a wireless black and white laser multifunction printer. Brother (China) Commercial Co., Ltd. DCP-1610W series has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-1431 No CVE Shenzhen Jixiang Tengda Technology Co., Ltd. AC6 has a binary vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
AC6 is an 11ac dual-band wireless router designed for 100M fiber homes. AC6 of Shenzhen Jixiang Tengda Technology Co., Ltd. has a binary vulnerability that can be exploited by attackers to cause a denial of service.
VAR-202504-2259 No CVE TP-LINK TL-WR841ND has a denial of service vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
TP-LINK TL-WR841ND is a wireless router from TP-LINK of China. TP-LINK TL-WR841ND has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-202504-1852 No CVE RICOH MP C4504ex of Ricoh (China) Investment Co., Ltd. has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
RICOH MP C4504ex is a printer product. RICOH MP C4504ex of Ricoh (China) Investment Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-1430 No CVE Toshiba e-STUDIO2020AC has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
e-STUDIO2020AC is a printer. Toshiba e-STUDIO2020AC has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-0693 CVE-2025-3259 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. RX3 firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. An out-of-bounds write vulnerability exists in the firmware of the Shenzhen Tenda Technology Co.,Ltd. RX3. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Attackers can exploit this vulnerability to cause a denial of service or execute arbitrary code.
VAR-202504-0695 CVE-2025-3237 Tenda FH1202 Improper Access Control Vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: Medium
A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/wrlwpsset. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Tenda FH1202 is a wireless router produced by China's Tenda Corporation. Attackers can use this vulnerability to launch remote attacks to gain access rights.
VAR-202504-0831 CVE-2025-3203 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. W18E firmware CVSS V2: 4.0
CVSS V3: 4.3
Severity: Medium
A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. An out-of-bounds write vulnerability exists in the firmware of the Shenzhen Tenda Technology Co.,Ltd. W18E. Service operation may be interrupted (DoS).
VAR-202504-2260 No CVE HP Color LaserJet Pro MFP M479fdw of HP Trading (Shanghai) Co., Ltd. has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
HP Color LaserJet Pro MFP M479fdw is a wireless color laser printer. HP Color LaserJet Pro MFP M479fdw of HP Trading (Shanghai) Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-1636 No CVE SATO CL4NX-JPlus has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
CL4NX-JPlus is a smart barcode printer. SATO CL4NX-JPlus has a weak password vulnerability that can be exploited by attackers to obtain sensitive information.
VAR-202504-1209 CVE-2025-29462 Classic buffer overflow vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC15 firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A buffer overflow vulnerability has been discovered in Tenda AC15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack. A classic buffer overflow vulnerability exists in the firmware of the Shenzhen Tenda Technology Co.,Ltd. AC15. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202504-0700 CVE-2025-3167 Improper shutdown and release of resources vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC23 firmware CVSS V2: 6.8
CVSS V3: 6.5
Severity: High
A vulnerability, which was classified as problematic, has been found in Tenda AC23 16.03.07.52. This issue affects some unknown processing of the file /goform/VerAPIMant of the component API Interface. The manipulation of the argument getuid leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. A vulnerability related to improper shutdown and release of resources exists in the firmware of the Shenzhen Tenda Technology Co.,Ltd. AC23. Service operation may be interrupted (DoS). AC23 is a wireless router that provides high-speed wireless network connection. The vulnerability is caused by the improper processing of the getuid parameter by the /goform/VerAPIMant component. An attacker can use this vulnerability to send specially crafted requests to cause a denial of service.
VAR-202504-0028 CVE-2025-3161 Buffer error vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC10 firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The firmware of the Shenzhen Tenda Technology Co.,Ltd. AC10 contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AC10 is a home wireless router that provides wireless network connection and management functions. The vulnerability stems from the improper processing of the list parameter by the ShutdownSetAdd function in the /goform/ShutdownSetAdd file. An attacker can exploit this vulnerability to launch a remote attack, achieve a stack overflow, and then execute arbitrary code.
VAR-202504-1854 No CVE Schneider Electric (China) Co., Ltd. Schneider M340 has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Schneider M340 is a high-performance mid-range PLC platform launched by Schneider Electric. Schneider M340 of Schneider Electric (China) Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202504-1853 No CVE HP LaserJet MFP M132nw of HP Trading (Shanghai) Co., Ltd. has a command execution vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
HP LaserJet MFP M132nw is a multifunctional black and white laser printer. HP LaserJet MFP M132nw of HP Trading (Shanghai) Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary printer commands.
VAR-202504-2261 No CVE Shenzhen Jixiang Tengda Technology Co., Ltd. AC8 has a binary vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
AC8 is a dual-band 3G wireless router suitable for fiber-optic homes within 1000M, supporting Gigabit ports, intelligent frequency selection, parental control and other functions. Shenzhen Jixiang Tengda Technology Co., Ltd. AC8 router has a binary vulnerability that can be exploited by attackers to cause a denial of service.