VARIoT IoT vulnerabilities database

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Weidmueller Industrial WLAN devices have a trust management vulnerability

Axis is an IT company that specializes in providing network video solutions. Axis P1346 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

Based on Taiwan, BRICS Communication Technology is committed to developing a full range of security surveillance system products, and has established its own brand "Brickcom" to establish a complete distribution channel system in the Americas, Europe, Asia, New Zealand and Australia. Brickcom FB-200Np camera has a logic flaw vulnerability. Attackers can use the record list to add administrators beyond their authority.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. plural Weidmueller Industrial WLAN There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to bypass Web authentication

Simer Technology is a high-tech enterprise integrating R&D, production and sales. It is an equipment manufacturer focusing on Internet management and optimization. It is also a manufacturer of smart home products and solutions, smart locks, smart DNS, and other products. XMDNS-6800 Dynamic System has a command execution vulnerability. An attacker can use this vulnerability to gain server permissions.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. plural Weidmueller Industrial WLAN Devices contain vulnerabilities to improper compliance with coding standards.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

Hisense owns Hisense Video (600060) and Hisense Home Appliances (000921), two listed companies in Shanghai, Shenzhen, and Hong Kong. Its subsidiaries include Hisense, Toshiba, Gorenje, Kelon, and Rongsheng (Ronshen) and ASKO and many other brands. Hisense A5 series mobile phones have information leakage vulnerabilities. Attackers can use the vulnerability to monitor the content of the user's call.

Founded in 2011, Inno Laser Co., Ltd. is a national high-tech enterprise, headquartered in Shenzhen Nanshan Science and Technology Park. Processing solutions. Many products of Inno Laser Technology Co., Ltd. have unauthorized access vulnerabilities. Attackers can use the vulnerabilities to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to cause remote code execution

Axis is an IT company that specializes in providing network video solutions. Axis P1343 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. plural Weidmueller Industrial WLAN A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

Axis is an IT company that specializes in providing network video solutions. Axis P1354 Network Camera has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.

OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communications Co., Ltd. OPPO Find x has an information disclosure vulnerability. An attacker can use a malicious APP to only need to apply for the read permission of commonly used external storage space, and then the content of the user's call can be monitored through the exposed component.

ASUS ZenFone Max Pro (M2) is a smart phone. ASUS ZenFone Max Pro (M2) has an information disclosure vulnerability. Attackers can use the vulnerability to monitor the content of the user's call.

NETGEAR WNR2200 is a wireless router device. NETGEAR WNR2200 has a weak password vulnerability. Attackers use vulnerabilities to obtain sensitive information.

Belkin is a supplier in the aftermarket, providing power, protection, production, connectivity, audio, security and home automation solutions for a wide range of consumer electronics and corporate environments. Belkin Router has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

Taiyuan Yisi Software Technology Co., Ltd. is an Internet software development and system integration enterprise that relies on Internet information and Internet of Things technology to provide enterprises with complete smart factory solutions. A SQL injection vulnerability exists in the integrated system of Yisi's production, supply and marketing management and control. Attackers can use vulnerabilities to obtain sensitive information in the database.

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device. plural Weidmueller Industrial WLAN A device contains a vulnerability in the use of hard-coded credentials.Information may be obtained. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany