VARIoT IoT vulnerabilities database

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter. Tenda AX1806 is a WiFi6 wireless router from Tenda, China. A stack overflow vulnerability exists in Tenda AX1806, which allows remote attackers to use the vulnerability to submit special requests that can crash the application or execute arbitrary code in the context of the application

A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password. Google of Android Is vulnerable to improper restrictions on excessive authentication attempts.Information may be obtained. Samsung fingerprint matching algorithm is a fingerprint matching algorithm for Samsung mobile devices. There is a design error vulnerability in the Samsung fingerprint matching algorithm. This vulnerability is due to the improper design of the failure counting algorithm

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface. TP-Link TL-WR886N is a wireless router from China Pulian Company. The TP-Link TL-WR886N /cloud_config/router_post/check_reset_pwd_verify_code has a stack overflow vulnerability, which can be exploited by a remote attacker to submit a special request, which can crash the application or execute arbitrary code in the context of the application

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera. TP-LINK Technologies of tapo c200 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tp-link Tapo C200 is a network camera device from Tp-link company in China. The vulnerability stems from the uhttpd binary that runs as root by default in the software, which lacks filtering and escaping of command parameters. An unauthenticated attacker could exploit this vulnerability to execute system commands on the system through a special command request

IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this vulnerability to modify structure and fields. IBM X-Force ID: 209824. Vendor exploits this vulnerability IBM X-Force ID: 209824 It is published as.Information may be tampered with

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter. Tenda AX1806 is a WiFi6 wireless router from Tenda, China

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. TP-Link TL-WR886N is a wireless router from China Pulian Company

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be tampered with

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request. TP-Link TL-WR886N is a wireless router from China Pulian Company

There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity. Huawei of EMUI , HarmonyOS , Magic UI There is a vulnerability in improper default permissions.Information is tampered with and service operation is interrupted (DoS) It may be in a state

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter. Tenda AX1806 is a WiFi6 wireless router from China Tenda company

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI and Magic UI Exists in an integer underflow vulnerability.Information may be tampered with

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. mi of ax3600 Firmware contains insufficient validation of data authenticity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Xiaomi router AX3600 is a router from the Chinese company Xiaomi

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter. Tenda AX1806 is a WiFi6 wireless router from Tenda, China

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. TP-Link TL-WR886N is a wireless router from China Pulian Company. A buffer overflow vulnerability exists in TP-Link TL-WR886N 20190826 version 2.3.8

Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. Shenzhen Tenda Technology Co.,Ltd. of AX3 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda Ax3 is an Ax1800 Gigabit port dual-band Wifi 6 wireless router from Tenda, China

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. Tenda AX1806 is a WiFi6 wireless router from China Tenda company

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. Huawei of EMUI and Magic UI Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization. Huawei of EMUI , HarmonyOS , Magic UI There is a vulnerability in improper default permissions.Information may be obtained