VARIoT IoT vulnerabilities database

VAR-202508-2142 No CVE Multiple vulnerabilities in Siemens SINEC OS third-party components
CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server.
VAR-202508-0342 CVE-2025-40752 Siemens POWER METER SICAM Q100/Q200 Information Disclosure Vulnerability
CVSS V2: 4.9
CVSS V3: 6.2
Severity: Medium
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 < V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes.
VAR-202508-1859 No CVE MOXA ioLogik E1213 has an unauthorized access vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The MOXA ioLogik E1213 is an industrial-grade remote Ethernet I/O module. The MOXA ioLogik E1213 has an unauthorized access vulnerability that could allow attackers to obtain sensitive information.
VAR-202508-1860 No CVE H3C BR3000W has an information disclosure vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The H3C BR3000W is a WiFi 6 dual-band Gigabit wireless router designed for home and enterprise scenarios. The H3C BR3000W has an information leakage vulnerability that could allow an attacker to obtain sensitive information.
VAR-202508-1861 No CVE Moxa Technology (Shanghai) Co., Ltd.'s ioLogik E1210-T has an unauthorized access vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The ioLogik E1210-T is an industrial Ethernet module. The ioLogik E1210-T from Moxa Technology (Shanghai) Co., Ltd. has an unauthorized access vulnerability that could allow attackers to obtain sensitive information.
VAR-202508-1608 CVE-2024-58255 Huawei EnzoH-W5611T OS Command Injection Vulnerability
CVSS V2: 3.5
CVSS V3: 5.0
Severity: MEDIUM
EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution. Huawei is a leading global provider of ICT (information and communications technology) infrastructure and intelligent devices. Founded in 1987 and headquartered in Shenzhen, Guangdong Province, China, Huawei's business covers over 170 countries and regions, serving over 3 billion people worldwide. The vulnerability is caused by certain variables being set directly after they are obtained, without validation. Further details of the vulnerability are not available at this time.
VAR-202508-0132 CVE-2013-10069 D-Link DIR-600 Command Injection Vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: Critical
The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root. The D-Link DIR-600 is a wireless router from D-Link, a Chinese company. An attacker could exploit this vulnerability to cause command injection.
VAR-202508-0405 CVE-2025-53417 Delta Electronics DIAView Directory Traversal Remote Code Execution Vulnerability
CVSS V2: -
CVSS V3: 9.8
Severity: Critical
DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Electronics DIAView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account.
VAR-202508-1788 CVE-2025-51390 TOTOLINK N600R firmware OS command injection vulnerability
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function. The TOTOLINK N600R firmware has an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The TOTOLINK N600R is a dual-band wireless router released by the Korean brand TOTOLINK in 2013. It supports concurrent operation in the 2.4GHz and 5GHz bands, with a maximum wireless transmission rate of 300Mbps. An attacker could exploit this vulnerability to execute arbitrary commands.
VAR-202508-0094 CVE-2013-10061 Netgear DGN1000B Code Execution Vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: High
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model, firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication. The Netgear DGN1000B is a wireless router from Netgear. Netgear DGN1000B versions 1.1.00.24 and 1.1.00.45 contain a code execution vulnerability due to insufficient input sanitization in the setup.cgi endpoint. An attacker could exploit this vulnerability to cause remote code execution.
VAR-202508-0068 CVE-2013-10060 Netgear DGN2200B Code Execution Vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: Critical
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model), firmware versions 1.0.0.36 and prior, via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless the configuration is restored. The Netgear DGN2200B is a wireless router from Netgear. Netgear DGN2200B versions 1.0.0.36 and earlier contain a code execution vulnerability due to insufficient input sanitization at the pppoe.cgi endpoint. An attacker could exploit this vulnerability to cause remote code execution.
VAR-202508-0048 CVE-2013-10059 D-Link DIR-615H1 Command Injection Vulnerability
CVSS V2: 8.3
CVSS V3: -
Severity: High
An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. The D-Link DIR-615H1 is a wireless router from D-Link, a Chinese company. The D-Link DIR-615H1 suffers from a command injection vulnerability caused by insufficient input sanitization in the tools_vct.htm endpoint. This vulnerability could allow an attacker to cause remote code execution.
VAR-202507-3073 CVE-2025-51385 D-Link Systems, Inc. DI-8200 firmware stack-based buffer overflow vulnerability
CVSS V2: 2.7
CVSS V3: 3.5
Severity: LOW
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter. A stack-based buffer overflow vulnerability exists in the firmware of the D-Link Systems, Inc. DI-8200. The device may be put into a denial-of-service (DoS) state. The D-Link DI-8200 is a D-Link router designed for small and medium-sized network environments. It supports multi-line bandwidth aggregation, PPPoE authentication and billing, and intelligent flow control. This vulnerability stems from the yyxz_dlink_asp function failing to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service.
VAR-202507-2896 CVE-2025-51384 D-Link Systems, Inc. DI-8200 firmware stack-based buffer overflow vulnerability
CVSS V2: 2.7
CVSS V3: 3.5
Severity: LOW
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. A stack-based buffer overflow vulnerability exists in the firmware of the D-Link Systems, Inc. DI-8200. The device may be put into a denial-of-service (DoS) state. The D-Link DI-8200 is a D-Link router designed for small and medium-sized network environments. It supports multi-line bandwidth aggregation, PPPoE authentication and billing, and intelligent flow control. This vulnerability stems from the ipsec_net_asp function failing to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service.
VAR-202507-2957 CVE-2025-51383 D-Link Systems, Inc. DI-8200 firmware stack-based buffer overflow vulnerability
CVSS V2: 2.7
CVSS V3: 3.5
Severity: LOW
D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. A stack-based buffer overflow vulnerability exists in the firmware of the D-Link Systems, Inc. DI-8200. The device may be put into a denial-of-service (DoS) state. The D-Link DI-8200 is a D-Link router designed for small and medium-sized network environments. It supports multi-channel bandwidth aggregation, PPPoE authentication and billing, and intelligent flow control. This vulnerability stems from the ipsec_road_asp function failing to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service.
VAR-202507-2948 CVE-2012-10021 D-Link Technology DIR-605L Buffer Overflow Vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: Critical
A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit this to execute arbitrary code with root privileges on the device. The D-Link DIR-605L is D-Link's first cloud router, designed for home and small office networks.
VAR-202507-3674 No CVE Shenzhen Bilian Electronics Co., Ltd. BL-AC2100 has a binary vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
The BL-AC2100 is a Wi-Fi 6 wireless router. Shenzhen Bilian Electronics Co., Ltd.'s BL-AC2100 has a binary vulnerability that could allow an attacker to gain server privileges.
VAR-202507-3351 No CVE D-Link DI-500WF from D-Link Electronics (Shanghai) Co., Ltd. has a binary vulnerability
CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
The D-Link DI-500WF is a panel-mounted wireless access point. The D-Link DI-500WF, manufactured by D-Link Electronics (Shanghai) Co., Ltd., contains a binary vulnerability that could allow an attacker to execute arbitrary commands.
VAR-202507-3675 No CVE Honeywell (China) Co., Ltd. Honeywell PD43 has a weak password vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Honeywell PD43 is an industrial-grade label printer. The Honeywell PD43, manufactured by Honeywell (China) Co., Ltd., has a weak password vulnerability that could allow attackers to obtain sensitive information.
VAR-202507-3352 No CVE Dell (China) Co., Ltd. Dell 2350dn has an unauthorized access vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The Dell 2350dn is a monochrome laser printer. A vulnerability exists in the Dell 2350dn printer from Dell (China) Co., Ltd. that could allow an attacker to obtain sensitive information.