VARIoT IoT vulnerabilities database

VAR-202108-2556 | No CVE | Panasonic Electric (China) Co., Ltd. WV-SFN310A has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Matsushita Electric (China) Co., Ltd. is a manufacturer mainly responsible for the sales and after-sales service activities of home appliances, systems, environment, components and other commodities.
Matsushita Electric (China) Co., Ltd. WV-SFN310A has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2564 | No CVE | H3C SecPath F1000-AK145 has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
New H3C Technology Co., Ltd. is a leading provider of digital solutions.
H3C SecPath F1000-AK145 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2567 | No CVE | Hong Kong Broadband Network Co., Ltd. Tilgin router has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hong Kong Broadband Network Limited is a leading provider of integrated telecommunications and technology solutions.
Hong Kong Broadband Network Co., Ltd. Tilgin router has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2570 | No CVE | Ruijie Networks NBR2100G-E router has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
NBR2100G-E is an enterprise-level gateway router.
Ruijie Networks NBR2100G-E router has an information disclosure vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202108-2032 | CVE-2021-40142 | Buffer error vulnerability in OPC Foundation Local Discovery Server |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer.
VAR-202108-2539 | No CVE | China Unicom China169 has a directory traversal vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
CHINA169 is based on the interconnection network of the ten northern provinces of the original China Telecom China Broadband Internet CHINANET. After large-scale reconstruction and expansion, it has formed a brand-new network structure that can vigorously dredge broadband services, has rich content and application services, has flexible access, and provides customized VPN private network services for major customers and groups.
China Unicom China169 has a directory traversal vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2540 | No CVE | Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2000D has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
NBR1500D is an enterprise router launched by Beijing Xingwang Ruijie Network Technology Co., Ltd.
Beijing Star Network Ruijie Networks Technology Co., Ltd. NBR2000D has a command execution vulnerability, which can be used by attackers to execute commands.
VAR-202112-1081 | No CVE | (0Day) D-Link DIR-2055 HNAP PrivateLogin Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2055 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the router. D-Link DIR-2055 is a router device.
The D-Link DIR-2055 HNAP PrivateLogin verification algorithm has security loopholes.
VAR-202112-1080 | No CVE | (0Day) D-Link DIR-2055 HNAP Incorrect Comparison Authentication Bypass Vulnerability |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2055 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of empty passwords. An attacker can leverage this vulnerability to execute arbitrary code on the router. D-Link DIR-2055 is a router device.
D-Link DIR-2055 HNAP has a security vulnerability.
VAR-202108-2541 | No CVE | Ruijie Networks S5750V2-28GT4XS-L has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
S5750V2-28GT4XS-L is a switch with a power supply of 45W.
Ruijie Networks S5750V2-28GT4XS-L has a command execution vulnerability. Attackers can use this vulnerability to gain control of the server.
VAR-202108-2546 | No CVE | TP-LINK TL-WR741N has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TP-LINK TL-WR741N is a wireless router.
TP-LINK TL-WR741N has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2547 | No CVE | Ruijie RG-MA1210 has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
RG-MA1210 is a wireless router.
Ruijie Networks RG-MA1210 has a weak password vulnerability. Attackers can use weak passwords to log in to the management backend and obtain sensitive information.
VAR-202108-2557 | No CVE | Zhejiang Dahua Technology Co., Ltd. DH-SD6C82E-GN has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
DH-SD6C82E-GN is a high-definition network dome camera.
Zhejiang Dahua Technology Co., Ltd. DH-SD6C82E-GN has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2560 | No CVE | Leike B21 has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Leike B21 is a wireless router.
Leike B21 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2571 | No CVE | TopGate500 of TopGate 500 has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Established in 1995, TOPSEC Technology Group is the first domestic network security company. Today, it has become a leading provider of network security, big data and cloud services in China.
TopGate500 of TOPGate Technology Group has a weak password vulnerability. Attackers can use weak passwords to log in to the management backend and obtain sensitive information.
VAR-202108-2576 | No CVE | Unauthorized access vulnerability exists in Fuji Xerox (China) Co., Ltd. DocuPrint P455 d |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Fuji Xerox (China) Co., Ltd. provides printers and all-in-ones suitable for small and medium-sized enterprises and individual families, as well as color digital multifunction machines, production digital printers, large-format electrostatic digital printers, etc. that can meet the different file management needs of enterprises.
Fuji Xerox (China) Co., Ltd. DocuPrint P455 d has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-0318 | CVE-2021-1584 | OS command injection vulnerability in Cisco Nexus 9000 Series Fabric Switches |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root. An OS command injection vulnerability exists in Cisco Nexus 9000 Series Fabric Switches. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Cisco Nexus 9000 series switches are modular and fixed-port network switches designed specifically for data centers.
VAR-202108-0317 | CVE-2021-1583 | Vulnerability related to unauthorized authentication in Cisco Nexus 9000 Series Fabric Switches |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device. A vulnerability related to unauthorized authentication exists in Cisco Nexus 9000 Series Fabric Switches. Information may be obtained.
VAR-202108-1770 | CVE-2021-33883 | Vulnerability in plaintext transmission of important information in B. Braun SpaceCom2 |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to obtain sensitive information by snooping on the network traffic. The exposed data includes critical values for a pump's internal configuration. B. Braun SpaceCom2 is a hardware device from B. Braun, Germany, which is used to connect external devices to record data in a patient data management system, PC or USB memory stick. B. Braun SpaceCom2 versions prior to 012U000062 have a security vulnerability.
VAR-202108-0312 | CVE-2021-1578 | Vulnerability in handling exceptional conditions in Cisco Application Policy Infrastructure Controller and Cisco Cloud Application Policy Infrastructure Controller |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is due to an improper policy default setting. An attacker could exploit this vulnerability by using a non-privileged credential for Cisco ACI Multi-Site Orchestrator (MSO) to send a specific API request to a managed Cisco APIC or Cloud APIC device. A successful exploit could allow the attacker to obtain Administrator credentials on the affected device. A denial-of-service (DoS) condition may result.