VARIoT IoT vulnerabilities database

VAR-202504-1080 | CVE-2025-32845 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGeneralSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TeleControl Server Basic allows remote monitoring and control of devices over WAN/LAN.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1139 | CVE-2025-31352 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. (ZDI-CAN-25915). Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementation of the UpdateGateways method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker could leverage this vulnerability to disclose stored credentials, leading to further compromise.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1094 | CVE-2025-32872 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'GetOverview' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TeleControl Server Basic allows remote monitoring and control of devices over WAN/LAN.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1112 | CVE-2025-32862 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'LockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Siemens TeleControl Server Basic is an industrial remote controller of Siemens, Germany.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1119 | CVE-2025-32869 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'ImportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Siemens TeleControl Server Basic is an industrial remote controller of Siemens, Germany.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1109 | CVE-2025-32861 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Siemens TeleControl Server Basic is an industrial remote controller of Siemens, Germany.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-1121 | CVE-2025-32857 | Siemens TeleControl Server Basic SQL Injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UnlockBufferingSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed. Siemens TeleControl Server Basic contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Siemens TeleControl Server Basic is an industrial remote controller of Siemens, Germany.
Siemens TeleControl Server Basic versions prior to v3.1.2.2 have multiple SQL injection vulnerabilities that attackers can exploit to read and write the application's database, cause a denial of service, and execute code in the operating system shell with limited "NT AUTHORITY\NetworkService" permissions.
VAR-202504-2407 | CVE-2025-25458 | Shenzhen Tenda Technology Co.,Ltd. AC10 firmware classic buffer overflow vulnerability |
CVSS V2: 4.6 CVSS V3: 4.6 Severity: MEDIUM |
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serverName2. Shenzhen Tenda Technology Co.,Ltd. AC10 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the serverName2 parameter in AdvSetMacMtuWan failing to properly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service.
VAR-202504-1576 | CVE-2025-25453 | Shenzhen Tenda Technology Co.,Ltd. AC10 firmware classic buffer overflow vulnerability |
CVSS V2: 4.6 CVSS V3: 4.6 Severity: MEDIUM |
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serviceName2. Shenzhen Tenda Technology Co.,Ltd. AC10 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AC10 is a high-performance router with Gigabit ports for both WAN and LAN.
There is a buffer overflow vulnerability in Tenda AC10 AdvSetMacMtuWan, which attackers can exploit by submitting special requests to cause a denial of service.
VAR-202504-0969 | CVE-2025-31950 | Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14965) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
An unauthenticated attacker can obtain EV charger energy consumption information of other users. Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0963 | CVE-2025-31147 | Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14963) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users. Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0985 | CVE-2025-30512 | Growatt Cloud Applications Security Bypass Vulnerability |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: Medium |
Unauthenticated attackers can send configuration settings to a device and possibly perform physical actions remotely (e.g., on/off). Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0976 | CVE-2025-27719 | Growatt Cloud Applications Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Unauthenticated attackers can query an API endpoint and get device details. Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0987 | CVE-2025-24315 | Growatt Cloud Applications Security Bypass Vulnerability (CNVD-2025-14962) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary users). Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0986 | CVE-2025-31941 | Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14964) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
An unauthenticated attacker can obtain a list of smart devices by knowing a valid username. Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0973 | CVE-2025-31357 | Growatt Cloud Applications Information Disclosure Vulnerability (CNVD-2025-14959) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
An unauthenticated attacker can obtain a user's plant list by knowing the username. Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0990 | CVE-2025-27938 | Growatt Cloud Applications Authorization Bypass Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Unauthenticated attackers can obtain restricted information about a user's smart device collections (i.e., "rooms"). Growatt Cloud Applications is a monitoring platform of China's Growatt.
VAR-202504-0965 | CVE-2025-27568 | Growatt Cloud Applications Authorization Bypass Vulnerability (CNVD-2025-14960) |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request. Growatt Cloud Applications is a monitoring platform of China's Growatt.
Growatt Cloud Applications 3.6.0 and earlier versions have an authorization bypass vulnerability that unauthenticated attackers can exploit to obtain user emails by knowing the username, resulting in the sending of password reset emails.
VAR-202504-1784 | CVE-2025-25456 | Shenzhen Tenda Technology Co.,Ltd. AC10 firmware classic buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2. Shenzhen Tenda Technology Co.,Ltd. AC10 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
Tenda AC10 has a buffer overflow vulnerability, which is caused by the mac2 parameter in AdvSetMacMtuWan failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202504-3185 | CVE-2025-22903 | TOTOLINK N600R firmware stack-based buffer overflow vulnerability |
CVSS V2: 4.6 CVSS V3: 4.6 Severity: MEDIUM |
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig. A stack-based buffer overflow vulnerability exists in the TOTOLINK N600R firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK N600R is a wireless router produced by China's TOTOLINK Electronics.
TOTOLINK N600R has a buffer overflow vulnerability. The vulnerability is caused by the pin parameter in the setWiFiWpsConfig function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service.