VARIoT IoT vulnerabilities database

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). plural Schneider Electric The product contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state

A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability

A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability

A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request. A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device. (DoS) It may be in a state. Cisco Enterprise NFV Infrastructure Software (NFVIS) is a set of NVF infrastructure software platform of Cisco (Cisco). The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later. UniFi Protect The application contains an authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Ubiquiti Networks UniFi Protect is a network video recorder from Ubiquiti Networks

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later. UniFi Protect An unspecified vulnerability exists in the application.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Ubiquiti Networks UniFi Protect is a network video recorder from Ubiquiti Networks. The vulnerability stems from the product not adding effective permission controls to visitors who only have view access and network access

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. plural WAGO product There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. PEPPERL+FUCHS WirelessHART-Gateway Exists in a past traversal vulnerability.Information may be obtained

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. PEPPERL+FUCHS WirelessHART-Gateway Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. PEPPERL+FUCHS WirelessHART-Gateway Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once. PEPPERL+FUCHS WirelessHART-Gateway There are vulnerabilities in inadequate protection of credentials.Information may be obtained

There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command. ZTE There is a vulnerability in the conference management system regarding deserialization of untrusted data.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ZTE ZXV10 M910 is a high-definition video server for video conferencing from China's ZTE Corporation. ZTE ZXV10 M910 has a security vulnerability

MS521dn is a printer of Lexmark International Inc. Lexmark MS521dn has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

RICOH Aficio MP 171 is a printer of Ricoh (China) Investment Co., Ltd. Ricoh (China) Investment Co., Ltd. RICOH Aficio MP171 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Lexmark XM3250 is a printer from Lexmark International Inc. Lexmark XM3250 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Schneider Electric M340 is a mid-range PAC industrial process and infrastructure control. Schneider Electric M340 has vulnerabilities in industrial control equipment. Attackers can use the vulnerabilities to remotely obtain the backdoor password, use the password to connect to the password-protected controller, and perform various sensitive operations, such as stopping and running.

Huawei AR2240 is an enterprise-level router product developed by Huawei. Huawei Technologies Co., Ltd. AR2240 series has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

Schneider Electric SA is a global electrical company headquartered in France. Schneider Electric Modicon PAC M580 and M340 have an authorization bypass vulnerability, which can be exploited by attackers to cause a denial of service.

Lexmark XC2235 is a printer of Lexmark International Inc. Lexmark XC2235 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.