VARIoT IoT vulnerabilities database

Taiyuan Yisi Software Technology Co., Ltd. is an Internet software development and system integration enterprise that relies on Internet information and Internet of Things technology to provide enterprises with complete smart factory solutions. A SQL injection vulnerability exists in the integrated system of Yisi's production, supply and marketing management and control. Attackers can use vulnerabilities to obtain sensitive information in the database.

Axis is an IT company that specializes in providing network video solutions. Axis Q1614 Network Camera has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.

The Lenovo K5pro mobile phone is a very low-priced mass model released by Lenovo in mid-October 2018. The Lenovo K5 Pro mobile phone has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. Axis P1346 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Weidmueller Industrial WLAN devices have a trust management vulnerability

Axis is an IT company that specializes in providing network video solutions. Axis P1344 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

NETGEAR WNR2200 is a wireless router device. NETGEAR WNR2200 has a weak password vulnerability. Attackers use vulnerabilities to obtain sensitive information.

ASUS ZenFone Max Pro (M2) is a smart phone. ASUS ZenFone Max Pro (M2) has an information disclosure vulnerability. Attackers can use the vulnerability to monitor the content of the user's call.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. plural Weidmueller Industrial WLAN There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to bypass Web authentication

Belkin is a supplier in the aftermarket, providing power, protection, production, connectivity, audio, security and home automation solutions for a wide range of consumer electronics and corporate environments. Belkin Router has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. plural Weidmueller Industrial WLAN Devices contain vulnerabilities to improper compliance with coding standards.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

Axis is an IT company that specializes in providing network video solutions. Axis P1354 Network Camera has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Simer Technology is a high-tech enterprise integrating R&D, production and sales. It is an equipment manufacturer focusing on Internet management and optimization. It is also a manufacturer of smart home products and solutions, smart locks, smart DNS, and other products. XMDNS-6800 Dynamic System has a command execution vulnerability. An attacker can use this vulnerability to gain server permissions.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to cause remote code execution

Electro Industries/GuageTech (abbreviated as "EIG Corporation of America") is a manufacturer of microprocessor-based digital power meters. Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. plural Weidmueller Industrial WLAN There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

NETGEAR WNDR3300 is a wireless router. NETGEAR WNDR3300 has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device. plural Weidmueller Industrial WLAN A device contains a vulnerability in the use of hard-coded credentials.Information may be obtained. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communications Co., Ltd. OPPO Find x has an information disclosure vulnerability. An attacker can use a malicious APP to only need to apply for the read permission of commonly used external storage space, and then the content of the user's call can be monitored through the exposed component.