VARIoT IoT vulnerabilities database


VAR-202107-1927 No CVE (0Day) Advantech WebAccess Node BwImgExe Stack-based Buffer Overflow Remote Code Execution Vulnerability CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwImgExe.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user.
VAR-202107-1793 No CVE Weak Password Vulnerability in China Mobile Enterprise Gateway CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
China Mobile Enterprise Gateway is gateway management software that can be used for Wi-Fi settings and detailed status. The China Mobile Enterprise Gateway has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-1683 CVE-2021-22434 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1682 CVE-2021-22433 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1681 CVE-2021-22431 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1680 CVE-2021-22430 plural  Huawei  Product vulnerabilities CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection. An unspecified vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1679 CVE-2021-22426 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1678 CVE-2021-22432 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
VAR-202107-1677 CVE-2021-22429 plural  Huawei  Buffer error vulnerability in the product CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Huawei Buffer Overflow in BootROM USB Stack. Affected devices are Huawei Mate 30 Pro (LIO), Huawei P40 Pro (ELS), Huawei P40 (ANA), Huawei Nova 5T (YAL).
VAR-202107-1672 CVE-2021-3618 F5 Networks  of  nginx  Vulnerability related to certificate verification in products of multiple vendors CVSS V2: 5.8
CVSS V3: 7.4
Severity: HIGH
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. nginx from F5 Networks and products from other vendors contain vulnerabilities related to certificate validation. Information may be obtained and information may be tampered with. (CVE-2020-11724).
==========================================================================
Ubuntu Security Notice USN-5371-2
April 28, 2022
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary: nginx could be made to redirect network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details: USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11724)
It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-36309)
It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. (CVE-2021-3618)
Update instructions: The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS:
nginx-core 1.18.0-6ubuntu14.1
nginx-extras 1.18.0-6ubuntu14.1
nginx-light 1.18.0-6ubuntu14.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5371-2
https://ubuntu.com/security/notices/USN-5371-1
CVE-2021-3618
Package Information:
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1
VAR-202107-1791 No CVE Prolink Technology Co., Ltd. TL-WPA7510 has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
TL-WPA7510 is a router device of Prolink Technology Co., Ltd. Universal Technology Co., Ltd. TL-WPA7510 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202202-1183 CVE-2022-0365 Ricon Mobile  Made  Industrial Cellular Router  In  OS  Command injection vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user. The Industrial Cellular Router provided by Ricon Mobile is a mobile network router. Powerful 64-bit Processor and integrated real-time operating system specially developed by Ricon Mobile. S9922XL is widely used in many areas such as intelligent transportation, scada, POS, industrial automation, telemetry, finance, environmental protection. The router suffers from an authenticated OS command injection vulnerability. Also vulnerable to Heartbleed. Tested on: GNU/Linux 2.6.36 (mips) WEB-ROUTER
VAR-202107-1784 No CVE Ruijie Networks RG-NBS series has logic flaws and vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Ruijie Networks is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, storage, etc. Ruijie Networks RG-NBS series has logic flaws and vulnerabilities. Attackers can use the vulnerabilities to bypass authentication and access internal resources.
VAR-202107-1897 No CVE Shandong Kede Electronics Co., Ltd. has logic flaws and loopholes in the IoT smart water meter supervision platform CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
Shandong Kede Electronics Co., Ltd. is a national high-tech enterprise and a national high-tech zone gazelle enterprise integrating product development, production, sales, and teaching practice. Shandong Kede Electronics Co., Ltd. has logic flaws and loopholes in the IoT smart water meter supervision platform. Attackers can use the vulnerability to obtain administrator cookies by brute force.
VAR-202107-1908 No CVE H3C SecPath ACG1000 has an arbitrary file reading vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
H3C SecPath ACG1000 is a new generation application control gateway. H3C SecPath ACG1000 has an arbitrary file reading vulnerability. Attackers can use the vulnerability to read arbitrary files.
VAR-202107-1896 No CVE Shandong Kede Electronics Co., Ltd. has an information disclosure vulnerability in the IoT smart water meter monitoring platform CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Shandong Kede Electronics Co., Ltd. is a national high-tech enterprise integrating product research and development, production, sales, and teaching practice. Shandong Kede Electronics Co., Ltd. has an information leakage vulnerability in the IoT smart water meter monitoring platform. Attackers can use the vulnerability to obtain sensitive information.
VAR-202107-1778 No CVE A variety of router products have weak password vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Aitai Technology is a small and medium-sized network solution provider and service provider in China. A number of Aitai router products have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.
VAR-202107-1780 No CVE Shanghai Aitai Technology Co., Ltd. Shang Rui 4220G has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Shangrui 4220G is a router device of Shanghai Aitai Technology Co., Ltd. Shang Rui 4220G of Shanghai Aitai Technology Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-0789 CVE-2021-36144 ACRN  Vulnerabilities in the use of freed memory CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c. ACRN is vulnerable to the use of freed memory. A denial-of-service (DoS) condition may result. ACRN is an open source project released by the Linux Foundation, which is a management program designed for the Internet of Things and embedded devices. No vulnerability details are currently provided.
VAR-202107-0792 CVE-2021-36147 ACRN  In  NULL  Pointer dereference vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An issue was discovered in ACRN before 2.5. It allows a devicemodel/hw/pci/virtio/virtio_net.c virtio_net_ping_rxq NULL pointer dereference for vq->used. ACRN is an open source project released by the Linux Foundation, which is a management program designed for the Internet of Things and embedded devices. No vulnerability details are currently provided.