VARIoT IoT vulnerabilities database

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools, a user can reconfigure settings not intended to be manipulated, repackage the configuration, and restore a backup causing these settings to be changed. Netgear Nighthawk R6700 Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Netgear Nighthawk R6700 is a wireless router from Netgear. The Netgear Nighthawk R6700 has an encryption issue vulnerability that stems from the product not effectively encrypting configuration files

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface (port 5000) is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext. Netgear Nighthawk R6700 Contains a vulnerability in the transmission of important information in clear text.Information may be obtained. The Netgear Nighthawk R6700 is a wireless router from Netgear. Attackers can use this vulnerability to obtain sensitive information from HTTP requests

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. (DoS) It may be in a state. Netgear RAX43 is a wireless router from Netgear. No detailed vulnerability details are currently available

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command. Trendnet AC2600 TEW-827DRU There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Trendnet AC2600 TEW-827DRU is a wireless router

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloads to, then a user is able to download arbitrary files to any desired location on the devices filesystem, which could lead to remote code execution. Example directories vulnerable to this include "config", "downloads", and "torrents", though it should be noted that "downloads" is the only vector that allows for arbitrary files to be downloaded to arbitrary locations. Trendnet AC2600 TEW-827DRU Exists in a link interpretation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Trendnet AC2600 TEW-827DRU is a wireless router

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password (RAX50w!a4udk). By unzipping the configuration using this password, a user can reconfigure settings not intended to be manipulated, re-zip the configuration, and restore a backup causing these settings to be changed. Netgear RAX43 Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Netgear RAX43 is a wireless router from Netgear. No detailed vulnerability details are currently provided

The ioLogik E1242 series are daisy-chain Ethernet switches that support the most commonly used I/O data acquisition protocols and can match various applications. Mosha Technology (Shanghai) Co., Ltd. ioLogik E1242 series has unauthorized access vulnerabilities. Attackers can use vulnerabilities to obtain sensitive information and perform unauthorized operations.

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection. No username or password is required and the user is given a root shell with full control of the device. Trendnet AC2600 TEW-827DRU contains an authentication vulnerability and a lack of authentication for critical functionality.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Trendnet AC2600 TEW-827DRU is a wireless router. A security vulnerability exists in the Trendnet AC2600 TEW-827DRU

Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Additionally, pages that do make use of CSRF tokens are trivially bypassable as the server does not appear to validate them properly (i.e. re-using an old token or finding the token thru some other method is possible). Trendnet AC2600 TEW-827DRU Contains a cross-site request forgery vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Trendnet AC2600 TEW-827DRU is a wireless router. There is a security vulnerability in Trendnet AC2600 TEW-827DRU. There is currently no detailed vulnerability details provided

It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command. TEW-827DRU There are unspecified vulnerabilities in the firmware.Service operation interruption (DoS) It may be in a state. Trendnet AC2600 TEW-827DRU is a wireless router

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values. (DoS) It may be in a state. The Netgear Nighthawk R6700 is a wireless router from Netgear. No detailed vulnerability details are currently available

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext. Netgear Nighthawk R6700 Contains a vulnerability in the transmission of important information in clear text.Information may be obtained. Netgear Nighthawk R6700 is a wireless router from Netgear. An attacker can obtain sensitive information through this vulnerability

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default. Trendnet AC2600 TEW-827DRU Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions based on IP address rather than verifying client cookies/session tokens/etc. This allows an attacker (whether from a different computer, different web browser on the same machine, etc.) to take over an existing session. This does require the attacker to be able to spoof or take over original IP address of the original user's session. Trendnet AC2600 TEW-827DRU Exists in a session immobilization vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated "check for updates" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate. Trendnet AC2600 TEW-827DRU Exists in a digital signature verification vulnerability.Information may be tampered with. Trendnet AC2600 TEW-827DRU is a wireless router. Trendnet AC2600 TEW-827DRU version 2.08B01 has a security vulnerability

A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. The Zyxel NBG6604 is a dual-band wireless router from China's Zyxel Technology (Zyxel)

An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. Zyxel NBG6604 A session expiration vulnerability exists in firmware.Information may be obtained and information may be tampered with. The Zyxel NBG6604 is a dual-band wireless router from China's Zyxel Technology (Zyxel). No detailed vulnerability details are currently provided

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. (DoS) It may be in a state. An attacker could exploit this vulnerability to run crafted commands and escalate privileges on the system

There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit this vulnerability by injecting special characters. Successful exploit could cause certain information disclosure. Affected product versions include: WS318n-21 10.0.2.2, 10.0.2.5 and 10.0.2.6. HUAWEI WS318n Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. The Huawei WS318n is a router from the Chinese company Huawei. An attacker could exploit this vulnerability to execute JavaScript code on the client side

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call. (DoS) It may be in a state. Zyxel ZyXEL GS1900 is a managed switch from Zyxel in Taiwan