VARIoT IoT vulnerabilities database

In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. plural Weidmueller Industrial WLAN There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

NETGEAR WNR2200 is a wireless router device. NETGEAR WNR2200 has a weak password vulnerability. Attackers use vulnerabilities to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. Axis P1346 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. Axis P1343 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Axis is an IT company that specializes in providing network video solutions. Axis P1344 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

CommScope Technology (Suzhou) Co., Ltd. is mainly engaged in research, development, manufacturing, and promotion of communication optical cables, components and raw materials, optical cables, cables, broadband access network communication system equipment and materials, etc. CommScope's ARRIS Touchstone Telephony Modem has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Weidmueller Industrial WLAN devices have a trust management vulnerability

Taiyuan Yisi Software Technology Co., Ltd. is an Internet software development and system integration enterprise that relies on Internet information and Internet of Things technology to provide enterprises with complete smart factory solutions. A SQL injection vulnerability exists in the integrated system of Yisi's production, supply and marketing management and control. Attackers can use vulnerabilities to obtain sensitive information in the database.

Hisense owns Hisense Video (600060) and Hisense Home Appliances (000921), two listed companies in Shanghai, Shenzhen, and Hong Kong. Its subsidiaries include Hisense, Toshiba, Gorenje, Kelon, and Rongsheng (Ronshen) and ASKO and many other brands. Hisense A5 series mobile phones have information leakage vulnerabilities. Attackers can use the vulnerability to monitor the content of the user's call.

The Lenovo K5pro mobile phone is a very low-priced mass model released by Lenovo in mid-October 2018. The Lenovo K5 Pro mobile phone has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.

Founded in 2011, Inno Laser Co., Ltd. is a national high-tech enterprise, headquartered in Shenzhen Nanshan Science and Technology Park. Processing solutions. Many products of Inno Laser Technology Co., Ltd. have unauthorized access vulnerabilities. Attackers can use the vulnerabilities to obtain sensitive information.

Electro Industries/GuageTech (abbreviated as "EIG Corporation of America") is a manufacturer of microprocessor-based digital power meters. Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communications Co., Ltd. OPPO Find x has an information disclosure vulnerability. An attacker can use a malicious APP to only need to apply for the read permission of commonly used external storage space, and then the content of the user's call can be monitored through the exposed component.

Simer Technology is a high-tech enterprise integrating R&D, production and sales. It is an equipment manufacturer focusing on Internet management and optimization. It is also a manufacturer of smart home products and solutions, smart locks, smart DNS, and other products. XMDNS-6800 Dynamic System has a command execution vulnerability. An attacker can use this vulnerability to gain server permissions.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. plural Weidmueller Industrial WLAN There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to bypass Web authentication

Axis is an IT company that specializes in providing network video solutions. Axis P1354 Network Camera has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.

NETGEAR WNDR3300 is a wireless router. NETGEAR WNDR3300 has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

Belkin is a supplier in the aftermarket, providing power, protection, production, connectivity, audio, security and home automation solutions for a wide range of consumer electronics and corporate environments. Belkin Router has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

NETGEAR WNR2000v5 router is a wireless router device. The NETGEAR WNR2000v5 router has a weak password vulnerability. Attackers can use this vulnerability to control the device, obtain sensitive information and perform unauthorized operations.