VARIoT IoT vulnerabilities database

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges. The product supports functions such as data backup, data recovery, and data replication management

Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols. DELL Dell EMC Isilon OneFS and EMC PowerScale are a set of scale-out storage systems suitable for unstructured data from Dell (DELL)

D-Link DIR-818LW is a wireless router. D-Link DIR-818LW has a weak password vulnerability. Attackers can use weak passwords to log in to the background to obtain sensitive information.

Beijing Zhimin Technology Development Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales, leasing and service of security inspection, anti-terrorism, police, fire rescue and EOD equipment. MinTech's enterprise-level flow control cloud router has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

D-Link DIR-600M is a wireless router. D-Link DIR-600M has weak password vulnerability. Attackers use this vulnerability to log in to the background to obtain sensitive information.

RG-EW1200G is a dual-band dual-gigabit wireless router. Ruijie Networks RG-EW1200G has a command execution vulnerability. An attacker can use this vulnerability to gain control of the website server.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. The TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

Hysine (Hexin Control) is the world's leading manufacturer of BACnet control systems. The Hysine Webtalk system has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. The TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

Chengdu Zhifeng Technology Co., Ltd. was established in October 2016. It is an emerging high-tech company integrating R&D, production and sales. The enterprise-level flow control cloud router of BeeNet has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

DIR-850L is a wireless AC1200 dual-band gigabit cloud router. D_Link DIR-850L has a weak password vulnerability, attackers can use the vulnerability to obtain sensitive information

Suzhou Keda Technology Co., Ltd. is a leading provider of video and security products and solutions. It is committed to helping various government and corporate customers improve communication and management efficiency with video conferencing, video surveillance and rich video application solutions. The MSS streaming media server of Suzhou Keda Technology Co., Ltd. has a logical flaw, and an attacker can use the flaw to obtain sensitive information.

TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is a Hong Kong-listed high-tech foreign company (stock code: HK.8287) and one of the world's leading network equipment suppliers. TOTOLINK T10 router has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.

Matsushita Electric (China) was established in 1994 and is mainly responsible for the sales and after-sales service of home appliances, systems, environment, components and other products. Multiple network cameras of Panasonic Electric (China) Co., Ltd. have unauthorized access vulnerabilities. Attackers can use the vulnerabilities to obtain sensitive information.

Brickcom Corporation (Brickcom Corporation) is composed of a research and development team with rich experience in the surveillance industry, and develops digital surveillance products with advanced technology. Including millions of video network cameras, wireless network cameras, video servers, 3G video transmission (NVR) embedded network hard disk video recorders, CMS client platform systems, etc. The VD-130Ae camera of BRICS Communication Technology Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.

Matsushita Electric (China) Co., Ltd. was established in 1994 and is mainly responsible for the sales and after-sales service of home appliances, systems, environment, components and other commodities. Matsushita Electric (China) Co., Ltd. WV-SPN310 and WV-SPN310A have unauthorized access vulnerabilities, which can be exploited by attackers to obtain sensitive information.

Brickcom Corporation (Brickcom Corporation) is composed of a research and development team with rich experience in the surveillance industry, and develops digital surveillance products with advanced technology. Including millions of video network cameras, wireless network cameras, video servers, 3G video transmission (NVR) embedded network hard disk video recorders, CMS client platform systems, etc. Brickcom-MD-300Np-360P has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.