VARIoT IoT vulnerabilities database
| VAR-202106-2021 | No CVE | D-Link DIR-809 has a denial of service vulnerability (CNVD-2021-37564) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202106-2024 | No CVE | D-Link DIR-809 has a denial of service vulnerability (CNVD-2021-37560) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a denial of service vulnerability. An attacker can use this leak to cause a denial of service.
| VAR-202106-2311 | No CVE | FC-Series has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FLIR Systems, Inc. focuses on the design, development, production, marketing and promotion of professional technologies for enhancing situational awareness. Through thermal imaging, visible light imaging, video analysis, measurement and diagnosis, and advanced threat detection systems, we bring innovative sensing solutions into daily life.
FC-Series has a weak password vulnerability. The attacker uses the default weak password to log in to the background to obtain sensitive information.
| VAR-202106-2334 | No CVE | Tiandi Weiye Technology Co., Ltd. RAID management system has logic flaws and vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Tiandi Weiye is the world's leading provider of smart security solutions. Based on artificial intelligence, big data, cloud computing, Internet of Things and other technologies, it provides smart video products and systems for public security, politics and law, transportation, finance, education, water conservancy, environmental protection and other industries. Solutions and high-quality technical services.
The RAID management system of Tiandi Weiye Technology Co., Ltd. has a logic flaw vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202106-2022 | No CVE | D-Link DIR-809 has a denial of service vulnerability (CNVD-2021-37559) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service.
| VAR-202106-2013 | No CVE | D-Link DIR-809 has a binary vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2023 | No CVE | D-Link DIR-809 has a denial of service vulnerability (CNVD-2021-37558) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service.
| VAR-202106-2030 | No CVE | D-Link DIR-809 has a binary vulnerability (CNVD-2021-36484) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2027 | No CVE | D-Link DIR-809 has a binary vulnerability (CNVD-2021-36485) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2131 | No CVE | NETGEAR WGR614v7 has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
WGR614v7 is a wireless router device.
NETGEAR WGR614v7 has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202106-2028 | No CVE | D-Link DIR-809 has a binary vulnerability (CNVD-2021-36486) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2025 | No CVE | Shenzhen Xunjie Communication Technology Co., Ltd. FAST 300M has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FAST 300M is a wireless broadband router.
Shenzhen Xunjie Communication Technology Co., Ltd. FAST 300M has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202106-2031 | No CVE | D-Link DIR-809 has a binary vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2029 | No CVE | D-Link DIR-809 has a binary vulnerability (CNVD-2021-36487) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2026 | No CVE | D-Link DIR-809 has a binary vulnerability (CNVD-2021-36483) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
D-Link DIR-809 is a wireless router using RTOS.
D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202106-2132 | No CVE | Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Electro Industries/GuageTech (abbreviated as "EIG Corporation of America") is a manufacturer of microprocessor-based digital power meters.
Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.
| VAR-202106-1214 | CVE-2021-33530 | plural Weidmueller Industrial WLAN In the device OS Command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany
| VAR-202106-2309 | No CVE | Unauthorized access vulnerability exists in Axis P1346 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
Axis P1346 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202106-2313 | No CVE | ASUS ZenFone Max Pro (M2) has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ASUS ZenFone Max Pro (M2) is a smart phone.
ASUS ZenFone Max Pro (M2) has an information disclosure vulnerability. Attackers can use the vulnerability to monitor the content of the user's call.
| VAR-202106-1218 | CVE-2021-33534 | plural Weidmueller Industrial WLAN In the device OS Command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany