VARIoT IoT vulnerabilities database


VAR-202108-2298 No CVE EKI-1521-CE serial server private configuration protocol has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
EKI-1521-CE is a serial device networking server, which sends a private configuration protocol to the device port. EKI-1521-CE has a denial of service vulnerability. Attackers can use the vulnerability to launch a denial of service attack.
VAR-202108-2300 No CVE Honeywell (China) Co., Ltd. PKS system software CDAsp component has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
The CDAsp component of the PKS system software provides network services based on the configuration protocol. Honeywell (China) Co., Ltd. PKS system software CDAsp component has a denial of service vulnerability. Attackers can use this vulnerability to initiate a denial of service attack.
VAR-202108-2302 No CVE Arbitrary file download vulnerability exists in Samsung WLAN AP CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Samsung (China) Investment Co., Ltd. is the headquarters of Samsung Group in China. As of the end of 2008, 20 of Samsung's more than 30 companies have invested in China, including Samsung Electronics, Samsung SDI, Samsung SDS, and Samsung Electro-Mechanics. Samsung WLAN AP has an arbitrary file download vulnerability. Attackers can use this vulnerability to read system files.
VAR-202108-2303 No CVE An unauthorized access vulnerability exists in the MERCURY wireless router of Shenzhen Meikexing Communication Technology Co., Ltd. CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Shenzhen Meikexing Communication Technology Co., Ltd. (hereinafter referred to as MERCURY) focuses on providing excellent products and solutions for network communications and security monitoring. The MERCURY wireless router of Shenzhen Meikexing Communication Technology Co., Ltd. has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2304 No CVE Beijing Digital China Cloud Technology Co., Ltd. DCME-520 has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
DCME-520 is a new generation of high-performance Internet egress gateway launched by Digital China Network Co., Ltd. with multi-core high-performance processors, combined with dedicated ASIC switching chips, to meet the business needs of large-capacity users, multi-flow, and multi-service types. Beijing Digital China Cloud Technology Co., Ltd. DCME-520 has a command execution vulnerability. Attackers can use the vulnerability to gain control of the server.
VAR-202108-2470 No CVE Unauthorized access vulnerability exists in HP Photosmart 5520 series CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The HP Photosmart 5520 series is a mid-range inkjet printer. The HP Photosmart 5520 series has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2360 No CVE Unauthorized access vulnerabilities exist in various printers of Epson (China) Co., Ltd. CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The business scope of Epson (China) Co., Ltd. mainly includes printers, scanners, projectors and other information-related products business, electronic components business, and industrial automation equipment business. Many printers of Epson (China) Co., Ltd. have unauthorized access vulnerabilities, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2361 No CVE HP PageWide Pro 477dw MFP has unauthorized access vulnerability (CNVD-2021-47158) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hewlett-Packard Trading (Shanghai) Co., Ltd. is a company whose business scope includes computer software and hardware equipment, printing equipment, imaging equipment, and communication equipment. The HP PageWide Pro 477dw MFP has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2362 No CVE HP Color LaserJet MFP M281fdw has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hewlett-Packard Trading (Shanghai) Co., Ltd. is a company whose business scope includes computer equipment, printing equipment, imaging equipment, electronic products and related parts and components of the above-mentioned products. The HP Color LaserJet MFP M281fdw has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2363 No CVE HP LaserJet M605 has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hewlett-Packard Trading (Shanghai) Co., Ltd. is a company whose business scope includes computer equipment, printing equipment, imaging equipment, electronic products and related parts and components of the above-mentioned products. The HP LaserJet M605 has a weak password vulnerability. Attackers can use a weak password to log in to the management backend and obtain sensitive information.
VAR-202108-2366 No CVE Samsung C1810 Series has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Samsung C1810 Series is a printer of Samsung (China) Investment Co., Ltd. Samsung C1810 Series has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2367 No CVE Samsung C145x Series has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Samsung C145x Series is a printer of Samsung (China) Investment Co., Ltd. Samsung C145x Series has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2368 No CVE Samsung C140x Series has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Samsung C140x Series is a printer of Samsung (China) Investment Co., Ltd. Samsung C140x Series has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202108-2369 No CVE Sharp Trading (China) Co., Ltd. MX-2314N has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
MX-2314N is a printer of Sharp Trading (China) Co., Ltd. Sharp Trading (China) Co., Ltd. MX-2314N has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-2370 No CVE Sharp Trading (China) Co., Ltd. MX-2640N has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
MX-2640N is a printer of Sharp Trading (China) Co., Ltd. Sharp Trading (China) Co., Ltd. MX-2640N has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202108-1937 CVE-2021-37388 D-Link DIR-615 C2 Buffer Overflow Vulnerability in Linux CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A buffer overflow exists in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in a ping_response.cgi POST request allows an attacker to crash the webserver and might even allow remote code execution. D-Link DIR-615 C2 contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). D-Link DIR-615 is a wireless router made by D-Link in Taiwan. The vulnerability is caused by incorrect verification of data boundaries when the network system or product performs operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause a buffer overflow, heap overflow, etc.
VAR-202108-1796 CVE-2021-36705 ProLink PRC2402M Command injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069, contains a trivial command injection where the value of the TR069_local_port parameter is passed directly to system. ProLink PRC2402M contains a command injection vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). ProLink PRC2402M is a router of Singapore ProLink company. The set_TR069 function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and earlier versions has a command injection vulnerability.
VAR-202108-1798 CVE-2021-36707 ProLink PRC2402M command injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff, contains a trivial command injection where the value of the led_cmd parameter is passed directly to do_system. ProLink PRC2402M contains a command injection vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). ProLink PRC2402M is a router of Singapore ProLink company. The set_ledonoff function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and earlier versions has a command injection vulnerability.
VAR-202108-1797 CVE-2021-36706 ProLink PRC2402M Command injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD, contains a trivial command injection where the value of the command parameter is passed directly to system. ProLink PRC2402M contains a command injection vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). ProLink PRC2402M is a router of Singapore ProLink company.
VAR-202108-1799 CVE-2021-36708 ProLink PRC2402M Vulnerability in password management function CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In ProLink PRC2402M V1.0.18 and older, the set_sys_init function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router. ProLink PRC2402M contains a vulnerability in the password management function. Information may be obtained. ProLink PRC2402M is a router of Singapore ProLink company. The set_sys_init function in the login.cgi binary file of ProLink PRC2402M 1.0.18 and earlier versions has an information disclosure vulnerability.