VARIoT IoT vulnerabilities database
| VAR-202107-1882 | No CVE | Unauthorized access vulnerability exists in Axis 2100 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
Axis 2100 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1883 | No CVE | Unauthorized access vulnerability exists in AXIS 241S Video Server |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 241S Video Server has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1884 | No CVE | Unauthorized access vulnerability exists in AXIS 241Q Video Server |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 241Q Video Server has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1885 | No CVE | Unauthorized access vulnerability exists in AXIS 240Q Video Server |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 240Q Video Server has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1887 | No CVE | AXIS P1214 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS P1214 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1901 | No CVE | An SQL injection vulnerability exists in the property integrated billing management cloud platform of Shenzhen China Electric Power Technology Co., Ltd. |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The property integrated billing management system is based on cloud computing, the Internet of Things and advanced smart billing management technology, which realizes the flexible access of power system smart electricity data and other smart terminal data, and supports 4G, RS-485, Ethernet and other communication methods. Enable data interconnection, realize online online recharge, SMS reminder and balance inquiry, etc.
Shenzhen China Electric Power Technology Co., Ltd. property integrated billing management cloud platform has SQL injection vulnerabilities. Attackers can use vulnerabilities to obtain sensitive information in the database.
| VAR-202107-0946 | CVE-2021-29297 | Emerson GE Automation Proficy Machine Edition Classic buffer overflow vulnerability in |
CVSS V2: 2.6 CVSS V3: 5.3 Severity: MEDIUM |
Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll"
| VAR-202107-0947 | CVE-2021-29298 | Emerson GE Automation Proficy Machine Edition Input verification vulnerability in |
CVSS V2: 2.6 CVSS V3: 5.3 Severity: MEDIUM |
Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe"in the module "fxVPStatcTcp.dll"
| VAR-202107-0418 | CVE-2020-5353 | DELL Dell EMC Isilon OneFS and EMC PowerScale Security hole |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system
| VAR-202107-1719 | No CVE | Ruijie Networks Co., Ltd. NBR2000D has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. NBR2000D has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1720 | No CVE | Ruijie Networks Co., Ltd. EG1000L has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. EG1000L has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1721 | No CVE | Ruijie Networks Co., Ltd. EG2000P has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. EG2000P has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1722 | No CVE | Ruijie Networks Co., Ltd. 1000C has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
Ruijie Networks Co., Ltd. 1000C has a weak password vulnerability. Attackers can use this vulnerability to log in to the device backend to obtain sensitive information.
| VAR-202107-1832 | No CVE | AXIS P7214 Video Encoder has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS P7214 Video Encoder has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1833 | No CVE | AXIS 211W Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 211W Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1834 | No CVE | Unauthorized access vulnerability exists in Axis-207 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis Communications AB is an IT company that specializes in providing network video solutions.
Axis-207 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1886 | No CVE | AXIS M1103 Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M1103 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1888 | No CVE | Unauthorized access vulnerability exists in Axis-M1104 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis Communications AB is an IT company that specializes in providing network video solutions.
Axis-M1104 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1889 | No CVE | Unauthorized access vulnerability exists in AXIS M1054 Network Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS M1054 Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1890 | No CVE | AXIS 215 PTZ Network Camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Axis is an IT company that specializes in providing network video solutions.
AXIS 215 PTZ Network Camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.