VARIoT IoT vulnerabilities database

ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core. ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

ER6300 is a high-performance all-gigabit dedicated router for Internet cafes launched by H3C. The H3C ER6300 router has a weak password vulnerability. Attackers can use this vulnerability to log in to the router background to obtain sensitive information.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

WayOS intelligent routing management system is designed by Weimen Technology for small and medium-sized enterprises, Internet cafes, rental houses, supermarkets and other industry scenarios, highlighting Internet behavior management, bandwidth overlay, smart QOS, PPP0E authentication server, WeChat and WiFi , Advertising and marketing functions. The WayOS intelligent routing management system has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has an out-of-bounds memory access vulnerability, which can be exploited by attackers to cause denial of service.

Secoway USG2160BSR is a firewall of Huawei Technologies Co., Ltd., Huawei SRG3230 is a gateway, and Huawei SRG1220 is a router of Huawei Technologies Co., Ltd. Many Huawei products have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request. Tenda AC11 The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Tenda AC11 is an AC1200 dual-band Gigabit WiFi router

Ruijie Networks Co., Ltd. is a data communication solution provider. NBR routers have weak password vulnerabilities. Attackers can use the vulnerability to log in to the device with a weak password to obtain sensitive information.

ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core. ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

SRG2210 is a router. HUAWEI SRG2210 has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has an integer overflow vulnerability, which can be exploited by an attacker to cause a denial of service.

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copied to the stack variable. Tenda AC11 The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Tenda AC11 is an AC1200 dual-band Gigabit WiFi router

ER5100 is a high-performance gigabit downstream router. ER5200G2 is a new generation of enterprise-class gigabit high-performance router. GR5200 is a new generation of high-performance enterprise-class routers. Many products of New H3C Technology Co., Ltd. have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.

WebAccess/HMI Designer is a man-machine interface integrated development tool. WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

ER3200 is a high-performance router launched by H3C. The H3C ER3200 router has a weak password vulnerability. Attackers use this vulnerability to log in to the background of the system to obtain sensitive information.

SRG1220w is a router. HUAWEI SRG1220w has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request. Tenda AC11 The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Tenda AC11 is an AC1200 dual-band Gigabit WiFi router

TL-ER2220G is a dual-core multi-WAN port gigabit enterprise VPN router from Prolink Technology Co., Ltd. Universal Technology Co., Ltd. USG2130 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.