VARIoT IoT vulnerabilities database
| VAR-202107-1881 | No CVE | Unauthorized access vulnerability exists in AXIS 206M Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 206M Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1878 | No CVE | Unauthorized access vulnerability exists in Cisco IP Phone CP-8865 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco IP Phone CP-8865 is an enterprise-class IP phone.
Cisco IP Phone CP-8865 has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.
| VAR-202107-1875 | No CVE | AXIS P5534 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS P5534 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1874 | No CVE | AXIS M3025 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M3025 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1901 | No CVE | An SQL injection vulnerability exists in the property integrated billing management cloud platform of Shenzhen China Electric Power Technology Co., Ltd. |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The property integrated billing management system is based on cloud computing, the Internet of Things and advanced smart billing management technology, which realizes the flexible access of power system smart electricity data and other smart terminal data, and supports 4G, RS-485, Ethernet and other communication methods. Enable data interconnection, realize online online recharge, SMS reminder and balance inquiry, etc.
Shenzhen China Electric Power Technology Co., Ltd. property integrated billing management cloud platform has SQL injection vulnerabilities. Attackers can use vulnerabilities to obtain sensitive information in the database.
| VAR-202107-0946 | CVE-2021-29297 | Emerson GE Automation Proficy Machine Edition Classic buffer overflow vulnerability in |
CVSS V2: 2.6 CVSS V3: 5.3 Severity: MEDIUM |
Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll"
| VAR-202107-1870 | No CVE | Unauthorized access vulnerability exists in Axis 2120 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
Axis 2120 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1873 | No CVE | AXIS M3113 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M3113 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-0418 | CVE-2020-5353 | DELL Dell EMC Isilon OneFS and EMC PowerScale Security hole |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system
| VAR-202107-1719 | No CVE | Ruijie Networks Co., Ltd. NBR2000D has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. NBR2000D has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1889 | No CVE | Unauthorized access vulnerability exists in AXIS M1054 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M1054 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1890 | No CVE | AXIS 215 PTZ Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 215 PTZ Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1722 | No CVE | Ruijie Networks Co., Ltd. 1000C has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. 1000C has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1893 | No CVE | AXIS M1113 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M1113 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1834 | No CVE | Unauthorized access vulnerability exists in Axis-207 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis Communications AB is an IT company that specializes in providing network video solutions.
Axis-207 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1888 | No CVE | Unauthorized access vulnerability exists in Axis-M1104 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis Communications AB is an IT company that specializes in providing network video solutions.
Axis-M1104 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1833 | No CVE | AXIS 211W Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 211W Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1720 | No CVE | Ruijie Networks Co., Ltd. EG1000L has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. EG1000L has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1894 | No CVE | AXIS P1357 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS P1357 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1886 | No CVE | AXIS M1103 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M1103 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.