VARIoT IoT vulnerabilities database

TP-LINK is the world's leading supplier of network communication equipment. The TD-W8901G router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR1042ND router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR949N router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Phicomm Data Communication Technology Co., Ltd. was established in 2009 and is a technologically innovative enterprise that provides users with smart products and cloud services in the field of smart homes. Phicomm router K3 has an arbitrary file reading vulnerability, which can be exploited by attackers to obtain sensitive information.

Shenzhen Zhibotong Electronics Co., Ltd. (hereinafter referred to as Zhibotong) was founded in 2010 and won the national high-tech enterprise and Shenzhen high-tech enterprise. It is a network communication equipment and overall solution integrating R&D, production, sales and service. Provider. Shenzhen Zhibotong Electronics Co., Ltd. smart router MT7620N has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WA801ND router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR340G router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR843ND router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006. Vendor is responsible for this vulnerability IBM X-Force ID: 202006 Is published as.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This product is a platform for JavaEE and Web service applications, as well as the foundation of the IBM WebSphere software platform. No detailed vulnerability details are currently provided

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE. ZXHN H168N There is a vulnerability in improper retention of permissions.Information may be obtained

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The Archer-C7 router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The Archer-C1900 router has a weak password vulnerability. Attackers can use the vulnerability to log in to the system background and perform unauthorized operations.

ER3100, ER5200G2, ER3260G2, ER3200G2, ER8300G2 are router products of New H3C Technology Co., Ltd. More than three systems in Xinhua have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR720N router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The TL-WR749N router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

Phicomm Data Communication Technology Co., Ltd. was established in 2009 and is a technologically innovative enterprise that provides users with smart products and cloud services in the field of smart homes. Phicomm router K3C has an arbitrary file reading vulnerability, which can be exploited by attackers to obtain sensitive information.

Prolink Technology Co., Ltd. is the world's leading supplier of network communication equipment. The Archer-C8 router has a weak password vulnerability. Attackers can use this vulnerability to log in to the system background and perform unauthorized operations.

A smart camera product of ZTE is impacted by a permission and access control vulnerability. Due to the defect of user permission management by the cloud-end app, users whose sharing permissions have been revoked can still control the camera, such as restarting the camera, restoring factory settings, etc.. This affects ZXHN HS562 V1.0.0.0B2.0000, V1.0.0.0B3.0000E. ZXHN H168N Is vulnerable to incorrect default permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges. SGE-PLC1000 The device has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Circutor SGE-PLC1000 is a smart metering system equipment. The main function is to manage the mains power through CIRWATT meters or other meters using PRIME technology. There is an operating system command injection vulnerability in the Circutor SGE-PLC1000 0.9.2b firmware version

HP ENVY 5530 is an A4 inkjet all-in-one printer from HP. HP ENVY 5530 has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.