VARIoT IoT vulnerabilities database
| VAR-202203-0955 | CVE-2022-25106 | Out-of-bounds write vulnerability in D-Link Japan Co., Ltd. dir-859 firmware and dir-859 a3 firmware |
CVSS V2: 7.1 CVSS V3: 5.5 Severity: MEDIUM |
D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. An out-of-bounds write vulnerability exists in D-Link Japan Co., Ltd. dir-859 firmware and dir-859 a3 firmware. Service operation may be interrupted (DoS). D-Link DIR-859 is a wireless router from D-Link Company in Taiwan.
| VAR-202203-0474 | CVE-2021-46380 | WAGO Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: This is a duplicate of CVE-2022-22511. Notes. WAGO is a 750-88x series programmable logic controller from WAGO. This device is an electronic system that performs digital operations, specially designed for use in an industrial environment.
The WAGO 750-8212 PFC200 G2 2ETH RS has a security vulnerability stemming from a chained Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) vulnerability that causes session hijacking. No detailed vulnerability information is currently available.
| VAR-202203-0476 | CVE-2021-46382 | NETGEAR WAC120 Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to multiple attacks such as session hijacking and even clipboard hijacking. A cross-site scripting vulnerability exists in netgear wac120 ac firmware. Information may be obtained and information may be tampered with. NETGEAR WAC120 is a wireless access point (AP) from Netgear. No detailed vulnerability information is currently provided.
| VAR-202203-1127 | CVE-2021-32008 | Path traversal vulnerability in Secomea GateManager |
CVSS V2: 8.5 CVSS V3: 8.7 Severity: HIGH |
This issue affects Secomea GateManager version 9.6.621421014 and all prior versions. Improper limitation of a pathname to a restricted directory allows a logged-in GateManager admin to delete system files or directories. A path traversal vulnerability exists in Secomea GateManager. Information may be tampered with and service operation may be interrupted (DoS).
| VAR-202203-1139 | CVE-2021-46393 | Tenda-AX3 Buffer Overflow Vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the HTTP request parameter startIp. v10 is then spliced onto the stack by the sscanf function without any security check, which causes a stack overflow. By POSTing to the page /goform/SetPptpServerCfg with a proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data. The Tenda-AX3 is a dual-band wireless router from the Chinese company Tenda. No detailed vulnerability information is currently provided.
| VAR-202203-0205 | CVE-2022-25234 | Multiple vulnerabilities in Omron CX-Programmer |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier, which is part of the CX-One (v4.60) suite, allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124. CX-Programmer, provided by Omron Corporation, contains multiple vulnerabilities: out-of-bounds write (CWE-787), CVE-2022-21124; use after free (CWE-416), CVE-2022-25230; use after free (CWE-416), CVE-2022-25325; out-of-bounds read (CWE-125), CVE-2022-21219; out-of-bounds write (CWE-787), CVE-2022-25234. This vulnerability information was reported to JPCERT/CC, and JPCERT/CC coordinated with the developer.
| VAR-202203-0928 | CVE-2021-46379 | Open redirect vulnerability in D-Link Japan Co., Ltd. dir-850l firmware |
CVSS V2: 5.8 CVSS V3: 6.1 Severity: MEDIUM |
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to an untrusted site. An open redirect vulnerability exists in D-Link Japan Co., Ltd. dir-850l firmware. Information may be obtained and information may be tampered with. D-Link DIR850 ET850-1.08TRb03 is a router from DLink. No detailed vulnerability information is currently provided.
| VAR-202203-0204 | CVE-2022-21124 | Multiple vulnerabilities in Omron CX-Programmer |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier, which is part of the CX-One (v4.60) suite, allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. CX-Programmer, provided by Omron Corporation, contains multiple vulnerabilities: out-of-bounds write (CWE-787), CVE-2022-21124; use after free (CWE-416), CVE-2022-25230; use after free (CWE-416), CVE-2022-25325; out-of-bounds read (CWE-125), CVE-2022-21219; out-of-bounds write (CWE-787), CVE-2022-25234. This vulnerability information was reported to JPCERT/CC, and JPCERT/CC coordinated with the developer.
| VAR-202203-0203 | CVE-2022-21219 | Multiple vulnerabilities in Omron CX-Programmer |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier, which is part of the CX-One (v4.60) suite, allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. CX-Programmer, provided by Omron Corporation, contains multiple vulnerabilities: out-of-bounds write (CWE-787), CVE-2022-21124; use after free (CWE-416), CVE-2022-25230; use after free (CWE-416), CVE-2022-25325; out-of-bounds read (CWE-125), CVE-2022-21219; out-of-bounds write (CWE-787), CVE-2022-25234. This vulnerability information was reported to JPCERT/CC, and JPCERT/CC coordinated with the developer.
| VAR-202203-0201 | CVE-2022-25230 | Multiple vulnerabilities in Omron CX-Programmer |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Use after free vulnerability in CX-Programmer v9.76.1 and earlier, which is part of the CX-One (v4.60) suite, allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325. CX-Programmer, provided by Omron Corporation, contains multiple vulnerabilities: out-of-bounds write (CWE-787), CVE-2022-21124; use after free (CWE-416), CVE-2022-25230; use after free (CWE-416), CVE-2022-25325; out-of-bounds read (CWE-125), CVE-2022-21219; out-of-bounds write (CWE-787), CVE-2022-25234. This vulnerability information was reported to JPCERT/CC, and JPCERT/CC coordinated with the developer.
| VAR-202203-0241 | CVE-2021-46353 | Error message information disclosure vulnerability in D-Link Japan Co., Ltd. dir-x1860 firmware |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
An information disclosure in the web interface of D-Link DIR-X1860 before 1.03 RevA1 allows a remote unauthenticated attacker to send a specially crafted HTTP request and gain knowledge of different absolute paths that are being used by the web application. D-Link Japan Co., Ltd. dir-x1860 firmware contains an information disclosure vulnerability through an error message. Information may be obtained. The D-Link Dir-X1860 is a dual-band router from China's D-Link company.
D-Link DIR-X1860 versions prior to 1.03 RevA1 have a security vulnerability that discloses information about the different absolute paths the application is using.
| VAR-202203-0475 | CVE-2021-46381 | D-Link DAP-1620 Path Traversal Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized reading of internal files [/etc/passwd] and [/etc/shadow]. A path traversal vulnerability exists in D-Link Japan Co., Ltd. dap-1620 firmware. Information may be obtained. D-Link DAP-1620 is a wireless repeater extender from D-Link, Taiwan. No detailed vulnerability information is currently available.
| VAR-202203-0478 | CVE-2021-46394 | Tenda-AX3 Buffer Overflow Vulnerability (CNVD-2022-20157) |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the HTTP request parameter startIp. v13 is then spliced onto the stack by the sscanf function without any security check, which causes a stack overflow. By POSTing to the page /goform/SetPptpServerCfg with a proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data. The Tenda-AX3 is a dual-band wireless router from the Chinese company Tenda. No detailed vulnerability information is currently available.
| VAR-202203-0202 | CVE-2022-25325 | Multiple vulnerabilities in Omron CX-Programmer |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
Use after free vulnerability in CX-Programmer v9.76.1 and earlier, which is part of the CX-One (v4.60) suite, allows an attacker to cause information disclosure and/or arbitrary code execution by having a user open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230. CX-Programmer, provided by Omron Corporation, contains multiple vulnerabilities: out-of-bounds write (CWE-787), CVE-2022-21124; use after free (CWE-416), CVE-2022-25230; use after free (CWE-416), CVE-2022-25325; out-of-bounds read (CWE-125), CVE-2022-21219; out-of-bounds write (CWE-787), CVE-2022-25234. This vulnerability information was reported to JPCERT/CC, and JPCERT/CC coordinated with the developer.
| VAR-202203-0926 | CVE-2021-44827 | Tp-link Archer C2 Operating System Command Injection Vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n devices via the X_TP_ExternalIPv6Address HTTP parameter, allowing a remote attacker to run arbitrary commands on the router with root privileges. An OS command injection vulnerability exists in TP-LINK Technologies archer c20i firmware. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS). Tp-link Archer C2 is a wireless router from Tp-link company in China.
There is a security vulnerability in TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n. The vulnerability stems from the lack of filtering and escaping of user data in the HTTP parameter X_TP_ExternalIPv6Address in the device. An attacker can exploit it to run arbitrary commands on the router with root privileges.
| VAR-202203-2122 | No CVE | KingView has a logic flaw vulnerability |
CVSS V2: 3.6 CVSS V3: - Severity: LOW |
KingView is the flagship brand in the field of equipment monitoring in China. It is full-featured, simple, and easy to learn and use. Its products are widely used in dozens of industries such as electric power, machinery, municipal administration, energy, environmental protection, and medicine. It supports monitoring of hundreds of kinds of equipment, such as low-voltage power distribution, hoisting machinery, vacuum furnaces, heat exchange stations, fan power generation, dust blowing and dust removal, air separation equipment, and pharmaceutical freeze dryers.
There is a logic flaw vulnerability in KingView. An attacker can use this vulnerability to overwrite and delete any file.
| VAR-202203-0228 | CVE-2022-22985 | Vulnerabilities in IPCOMM ipDIO firmware |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific parameters. The injected code is executed when a legitimate user attempts to review history. There are unspecified vulnerabilities in IPCOMM ipDIO firmware. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS). IPCOMM ipDIO is a remote control communication device from the German company IPCOMM, used to record digital and analog inputs and control digital outputs.
A code injection vulnerability exists in IPCOMM ipDIO.
| VAR-202203-0226 | CVE-2022-21146 | Cross-site scripting vulnerability in ipDIO |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history. A cross-site scripting vulnerability exists in ipDIO. Information may be obtained and information may be tampered with. IPCOMM ipDIO is a remote control communication device from the German company IPCOMM, used to record digital and analog inputs and control digital outputs.
| VAR-202203-0225 | CVE-2022-24432 | IPCOMM ipDIO Cross-Site Scripting Vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services). A cross-site scripting vulnerability exists in ipDIO. Information may be obtained and information may be tampered with. IPCOMM ipDIO is a remote control communication device from the German company IPCOMM, used to record digital and analog inputs and control digital outputs.
| VAR-202203-0233 | CVE-2022-22947 | Code injection vulnerability in Spring Cloud Gateway |
CVSS V2: 6.8 CVSS V3: 10.0 Severity: CRITICAL |
In Spring Cloud Gateway versions prior to 3.1.1+ and 3.0.7+, applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. Service operation may be interrupted (DoS).