VARIoT IoT vulnerabilities database
| VAR-202105-1668 | No CVE | Bihaiwei L7 home gateway has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Bihaiwei L7 home gateway is a home gateway launched by Beijing Bihaiwei Technology Co., Ltd.
Bihaiwei L7 home gateway has weak password vulnerability. Attackers can use this vulnerability to log in to the background of the system to obtain sensitive information.
| VAR-202105-1561 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24535) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1562 | No CVE | WebAccess/HMI Designer has a heap overflow vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a heap overflow vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1563 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24691) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1564 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24692) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1565 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24693) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1566 | No CVE | WebAccess/HMI Designer has memory out-of-bounds access vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an out-of-bounds memory access vulnerability, which can be exploited by attackers to cause denial of service.
| VAR-202105-1567 | No CVE | WebAccess/HMI Designer has a memory corruption vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a memory corruption vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1568 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24696) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1569 | No CVE | ForceControl has a denial of service vulnerability (CNVD-2021-24698) |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1570 | No CVE | ForceControl has a denial of service vulnerability (CNVD-2021-24699) |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1571 | No CVE | ForceControl has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1572 | No CVE | Integer overflow vulnerability exists in WebAccess/HMI Designer |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an integer overflow vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1573 | No CVE | WebAccess/HMI Designer has memory out-of-bounds access vulnerability (CNVD-2021-24532) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an out-of-bounds memory access vulnerability, which can be exploited by attackers to cause denial of service.
| VAR-202105-1574 | No CVE | WebAccess/HMI Designer has a memory corruption vulnerability (CNVD-2021-24533) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a memory corruption vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1660 | No CVE | Weak password vulnerability exists in WayOS intelligent routing management system (CNVD-2021-24518) |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
WayOS intelligent routing management system is designed by Weimen Technology for small and medium-sized enterprises, Internet cafes, rental houses, supermarkets and other industry scenarios, highlighting Internet behavior management, bandwidth overlay, smart QOS, PPP0E authentication server, WeChat and WiFi , Advertising and marketing functions.
The WayOS intelligent routing management system has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1661 | No CVE | NBR router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
NBR routers have weak password vulnerabilities. Attackers can use the vulnerability to log in to the device with a weak password to obtain sensitive information.
| VAR-202105-1665 | No CVE | Feiyuxing Technology Development Co., Ltd. Volans has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Chengdu Feiyuxing Technology Co., Ltd. was established in 2002 as a high-tech enterprise focusing on product innovation and research and development in the data communication industry and the Internet of Things industry.
Volans of Feiyuxing Technology Development Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1669 | No CVE | Universal Technology Co., Ltd. USG2130 has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TL-ER2220G is a dual-core multi-WAN port gigabit enterprise VPN router from Prolink Technology Co., Ltd.
Universal Technology Co., Ltd. USG2130 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1671 | No CVE | H3C ER3200 router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ER3200 is a high-performance router launched by H3C.
The H3C ER3200 router has a weak password vulnerability. Attackers use this vulnerability to log in to the background of the system to obtain sensitive information.