VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202206-2017 CVE-2021-41636 melag  of  ftp server  Past traversal vulnerability in CVSS V2: 6.8
CVSS V3: 6.5
Severity: MEDIUM
MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP servers root directory and operate on the entire operating system, while the access restrictions of the user running the FTP server apply. melag of ftp server Exists in a past traversal vulnerability.Information may be obtained
VAR-202206-1952 CVE-2021-41639 melag  of  ftp server  Vulnerability in plaintext storage of important information in CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
MELAG FTP Server 2.2.0.4 stores unencrpyted passwords of FTP users in a local configuration file. melag of ftp server There is a vulnerability in plaintext storage of important information.Information may be obtained
VAR-202206-1978 CVE-2021-38871 IBM Jazz Team Server  Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345. Vendor exploits this vulnerability IBM X-Force ID: 208345 It is published as.Information may be obtained and information may be tampered with
VAR-202206-1935 CVE-2021-20355 IBM Jazz Team  Vulnerability related to improper assignment of permissions to critical resources in servers CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 194891. Vendors must IBM X-Force ID: 194891 It is published as.Information may be obtained
VAR-202206-1944 CVE-2021-20544 IBM Jazz Team Server  Server-side request forgery vulnerability in CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198931. Vendor exploits this vulnerability IBM X-Force ID: 198931 It is published as.Information may be obtained
VAR-202206-2038 CVE-2021-20421 IBM Jazz Team  Server-side request forgery vulnerability in servers CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks
VAR-202206-2040 CVE-2022-31803 CODESYS GmbH  of  CODESYS Gateway  Resource exhaustion vulnerability in CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact. CODESYS GmbH of CODESYS Gateway Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202206-1979 CVE-2022-29097 Dell's  Dell Wyse Management Suite  Past traversal vulnerability in CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. Dell's Dell Wyse Management Suite Exists in a past traversal vulnerability.Information may be obtained
VAR-202206-2069 CVE-2022-29096 Dell's  Dell Wyse Management Suite  Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. The offering includes Wyse endpoint centralized management, asset tracking and automatic device discovery. The vulnerability stems from the program's lack of data validation filtering for user-supplied data and output
VAR-202206-1879 CVE-2021-30651 Broadcom  of  Symantec Messaging Gateway  Vulnerability in CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. Broadcom of Symantec Messaging Gateway Exists in unspecified vulnerabilities.Information may be obtained
VAR-202206-1829 CVE-2022-31804 CODESYS GmbH  of  CODESYS Gateway  Excessive Size Value Memory Allocation Vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: MEDIUM
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition. CODESYS GmbH of CODESYS Gateway contains a memory allocation vulnerability with excessive size values.Service operation interruption (DoS) It may be in a state
VAR-202206-1953 CVE-2022-31805 CODESYS Development System Security hole CVSS V2: 4.3
CVSS V3: 7.5
Severity: HIGH
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected
VAR-202206-1905 CVE-2021-20543 IBM Jazz Team Server  Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929. Vendor exploits this vulnerability IBM X-Force ID: 198929 It is published as.Information may be obtained and information may be tampered with
VAR-202206-1921 CVE-2022-31802 CODESYS GmbH  of  CODESYS Gateway  Partial String Comparison Vulnerability in CVSS V2: 7.5
CVSS V3: 9.8
Severity: HIGH
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password. CODESYS GmbH of CODESYS Gateway contains a partial string comparison vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202206-1785 CVE-2022-32530 Schneider Electric  of  Android  for  geo scada mobile  Vulnerability in leaking resources to the wrong area in CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile (Build 222 and prior). Schneider Electric of Android for geo scada mobile Exists in a vulnerability related to the leakage of resources to the wrong area.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Schneider Electric Geo SCADA Mobile is a mobile extension of the French company Schneider Electric. Provides real-time remote access to critical SCADA data, allowing system users to monitor performance while "on the move", increasing staff productivity and improving overall system performance
VAR-202206-1805 CVE-2022-32535 Robert Bosch GmbH  of  pra-es8p2s  Privilege management vulnerability in firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch. Robert Bosch GmbH of pra-es8p2s Firmware contains a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch Company in Germany. Bosch Ethernet switch PRA-ES8P2S Web service privilege escalation vulnerability, remote attackers can use the vulnerability to submit special requests, escalate privileges, and execute arbitrary commands in the root context
VAR-202206-2178 CVE-2022-32536 Robert Bosch GmbH  of  pra-es8p2s  Privilege management vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights. Robert Bosch GmbH of pra-es8p2s Firmware contains a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Bosch Ethernet switch PRA-ES8P2S is a switch from Bosch Company in Germany. Remote attackers can use the loopholes to submit special requests, escalate permissions, and obtain administrator permissions
VAR-202206-1773 CVE-2022-30707 CAMS for HIS  Communication design flaw CVSS V2: 5.4
CVSS V3: 8.8
Severity: HIGH
Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01). If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to a disabling of CAMS for HIS software functions on any affected machines, or information disclosure/alteration. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Is a developer and ICS-CERT I made adjustments with.If this vulnerability is exploited, it may be affected as follows. * An attacker who has access to the computer on which the product is installed will obtain the account and password stored on that computer. As a result, another CAMS for HIS The data managed by is leaked or tampered with. * Different by the attacker who got the account and password CAMS for HIS Caused resource exhaustion in CAMS for HIS The function of is stopped
VAR-202206-2162 CVE-2022-32534 Robert Bosch GmbH  of  pra-es8p2s  in the firmware  OS  Command injection vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. Robert Bosch GmbH of pra-es8p2s The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Bosch Ethernet switch PRA-ES8P2S is a switch made by the German Bosch company. A remote attacker can use the vulnerability to submit special requests and execute arbitrary commands in the application context
VAR-202206-1670 CVE-2022-2156 Advantech iView set_useraccount UserName SQL Injection Remote Code Execution Vulnerability CVSS V2: -
CVSS V3: 8.8
Severity: HIGH
This vulnerability allows remote attackers to create arbitrary files on affected installations of Advantech iView. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the UserName element of the set_useraccount action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the stable distribution (bullseye), these problems have been fixed in version 103.0.5060.53-1~deb11u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: security-tracker.debian.org/tracker/chromium