VARIoT IoT vulnerabilities database


VAR-202502-1624 CVE-2024-46429 Shenzhen Tenda Technology Co.,Ltd. w18e firmware vulnerability related to use of hardcoded credentials CVSS V2: 8.3
CVSS V3: 8.8
Severity: HIGH
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to access the web management portal using a default guest account with administrative privileges. The firmware of the Shenzhen Tenda Technology Co.,Ltd. w18e contains a vulnerability related to the use of hardcoded credentials. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202502-2088 No CVE HP OfficeJet Pro 9010 has information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
HP China Ltd. is an enterprise mainly engaged in scientific research and technical services. HP China Ltd.'s HP OfficeJet Pro 9010 has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-2687 No CVE Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda router AC8v4 has a binary vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Shenzhen Jixiang Tenda Technology Co., Ltd. (Tenda) is a high-tech enterprise specializing in the research and development, production, sales and service of network communication equipment. Shenzhen Jixiang Tenda Technology Co., Ltd.'s Tenda router AC8v4 has a binary vulnerability that can be exploited by attackers to cause denial of service.
VAR-202502-2089 No CVE Beijing Trendwell Network Technology Co., Ltd. TEW-639GR has a command execution vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
TEW-639GR is a wireless router. Beijing Trendwell Network Technology Co., Ltd.'s TEW-639GR has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-2292 No CVE Netis Technology Co., Ltd. Netis WF2411 router has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Netis Technology Co., Ltd. is a high-tech enterprise focusing on the research, development, production and sales of data communication network equipment. Netis Technology Co., Ltd.'s Netis WF2411 router has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
VAR-202502-2293 No CVE Shenzhen Jixiang Tengda Technology Co., Ltd. Tenda AC10 router has a binary vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and service of network communication equipment. Shenzhen Jixiang Tengda Technology Co., Ltd.'s Tenda AC10 router has a binary vulnerability that can be exploited by attackers to cause denial of service.
VAR-202502-2480 No CVE Hangzhou Hikvision Digital Technology Co., Ltd. HIK-WiFi has an information leakage vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision) is a technology company focusing on technological innovation and intelligent IoT. Hangzhou Hikvision Digital Technology Co., Ltd.'s HIK-WiFi has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-3427 No CVE Netis Technology Co., Ltd. Netis WF2411 router has a binary vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Netis Technology Co., Ltd. is a high-tech enterprise focusing on the research, development, production and sales of data communication network equipment. Netis Technology Co., Ltd.'s Netis WF2411 router has a binary vulnerability that can be exploited by attackers to cause a denial of service.
VAR-202502-3428 No CVE Mitsubishi Electric Automation (China) Co., Ltd. PLC FX5U-64MR/ES has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Mitsubishi Electric Automation (China) Co., Ltd. is a company mainly engaged in loading, unloading, handling and warehousing. Mitsubishi Electric Automation (China) Co., Ltd.'s PLC FX5U-64MR/ES has a denial of service vulnerability, which can be exploited by attackers to cause denial of service.
VAR-202502-2481 No CVE Netis Technology Co., Ltd. Netis WF2210 router has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Netis Technology Co., Ltd. is a high-tech enterprise focusing on the research, development, production and sales of data communication network equipment. Netis Technology Co., Ltd.'s Netis WF2210 router has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-0092 CVE-2025-1104 D-Link Systems, Inc. dhp-w310av firmware authentication vulnerability CVSS V2: 7.5
CVSS V3: 7.3
Severity: Medium
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The firmware of the D-Link Systems, Inc. dhp-w310av contains vulnerabilities related to authentication and to authentication bypass through spoofing. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DHP-W310AV is a popular router device.
VAR-202502-0157 CVE-2025-1103 D-Link Systems, Inc. DIR-823X firmware NULL pointer dereference vulnerability CVSS V2: 6.8
CVSS V3: 6.5
Severity: High
A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The firmware of the D-Link Systems, Inc. DIR-823X contains a NULL pointer dereference vulnerability. Service operation may be interrupted (DoS). D-Link DIR-823X is a wireless router of D-Link, a Chinese company. No vulnerability details are currently provided.
VAR-202502-0854 CVE-2025-22880 Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. Delta Electronics CNCSoft-G2 is a human-machine interface (HMI) software from Delta Electronics, a Chinese company
VAR-202502-2090 No CVE The TOTOLINK N200RE router of Jiong Electronics (Shenzhen) Co., Ltd. has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Jiong Electronics (Shenzhen) Co., Ltd. is a high-tech foreign-invested enterprise specializing in the research and development, design, manufacturing and sales of various network products. Jiong Electronics (Shenzhen) Co., Ltd.'s TOTOLINK N200RE router has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-2688 No CVE Ricoh (China) Investment Co., Ltd. Aficio SP 3500SF has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Aficio SP 3500SF is a multi-function commercial all-in-one printer with printing, copying, scanning and faxing functions. Ricoh (China) Investment Co., Ltd.'s Aficio SP 3500SF has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-2482 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2100G-E has an information leakage vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Beijing Xingwang Ruijie Network Technology Co., Ltd. is a provider of ICT infrastructure and industry solutions. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions. Beijing Xingwang Ruijie Network Technology Co., Ltd.'s NBR2100G-E has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-2294 No CVE Shenzhen Bilian Electronics Co., Ltd. BL-X-PRO has a command execution vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
BL-X-PRO is a six-line six-signal high-power Gigabit wireless router. BL-X-PRO of Shenzhen Bilian Electronics Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-3429 No CVE Wuxi Xinjie Electric Co., Ltd. Xinjie XSF5-A32 PLC has industrial control equipment vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Wuxi Xinjie Electric Co., Ltd. is a listed company that focuses on the research and development and application of industrial automation products. Wuxi Xinjie Electric Co., Ltd.'s Xinjie XSF5-A32 PLC has an industrial control equipment vulnerability that attackers can exploit to cause a denial of service.
VAR-202502-1472 CVE-2024-57673 Project Floodlight  of  Floodlight  Resource exhaustion vulnerability in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module and Linkdiscovery module. Project Floodlight's Floodlight contains a resource exhaustion vulnerability. Service operation may be interrupted (DoS).
VAR-202502-1321 CVE-2024-57672 Project Floodlight  of  Floodlight  Resource exhaustion vulnerability in CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, TopologyInstance module, Routing module. Project Floodlight's Floodlight contains a resource exhaustion vulnerability. Service operation may be interrupted (DoS).