VARIoT IoT vulnerabilities database


VAR-202107-1706 No CVE Youku Tudou Roubao has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Youku Tudou Roubao is a smart router. Youku Tudou Roubao has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-1708 No CVE BYTEVALUE intelligent flow control router has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Shenzhen Baiwei Tongda Technology Co., Ltd. is a supplier dedicated to providing leading network solutions for Internet cafes, communities, hotels, enterprises, and public Internet places. The BYTEVALUE intelligent flow control router has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-1789 No CVE China United Network Communications Group Co., Ltd. HG220G-U has an unauthorized access vulnerability CVSS V2: 5.8
CVSS V3: -
Severity: MEDIUM
HG220G-U is a fiber optic modem of China United Network Communications Group Co., Ltd. China United Network Communications Group Co., Ltd. HG220G-U has an unauthorized access vulnerability. Attackers can use this vulnerability to construct a specific URL request to open the telnet service without authorization.
VAR-202107-1826 No CVE The Lenovo Xiaoxin XY300 projector has a directory traversal vulnerability CVSS V2: 3.3
CVSS V3: -
Severity: LOW
Xiaoxin XY300 projector is a home, portable mini projector. The Lenovo Xiaoxin XY300 projector has a directory traversal vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-0082 CVE-2020-20217 MikroTik RouterOS Resource Management Error Vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-1301 CVE-2021-25440 SAMSUNG FactoryCameraFB Security hole CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. Samsung FactoryCameraFB is a system application of Samsung Corporation. Samsung Mobile FactoryCameraFB has an access control error vulnerability.
VAR-202107-1287 CVE-2021-25426 Samsung Message information leakage vulnerability (CNVD-2023-95335) CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. Samsung Messages is an application for Samsung mobile devices that comes pre-installed by default on all its official devices. Samsung Message has an information disclosure vulnerability. The vulnerability stems from the lack of appropriate protection permissions in the product's SmsViewerActivity component. An attacker can exploit this vulnerability to access the Message file.
VAR-202107-1707 No CVE Visual Tools DVR has an unauthorized command execution vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Visual Tools is a brand of AX Solutions. AX Solutions is a company with high-tech features and unique video solutions. It is well-known for its innovative capabilities, product quality and service mission. Visual Tools DVR has an unauthorized command execution vulnerability. Attackers can use this vulnerability to escalate apache privileges to root. Combined with the vulnerability, they can execute arbitrary commands on the target device with root privileges.
VAR-202107-0077 CVE-2020-20211 Reachable assertion vulnerabilities in Mikrotik RouterOs CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. Mikrotik RouterOs contains a reachable assertion vulnerability and may be put into a denial of service (DoS) state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-0085 CVE-2020-20225 Reachable assertion vulnerabilities in Mikrotik RouterOs CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. Mikrotik RouterOs contains a reachable assertion vulnerability and may be put into a denial of service (DoS) state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-0080 CVE-2020-20215 Mikrotik RouterOs Buffer Error Vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access. Mikrotik RouterOs is vulnerable to a buffer error and may be put into a denial of service (DoS) state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality. The following products and versions are affected: Mikrotik RouterOs prior to 6.44.6.
VAR-202107-0079 CVE-2020-20213 Mikrotik RouterOs Resource Depletion Vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU. Mikrotik RouterOs is vulnerable to resource exhaustion and may be put into a denial of service (DoS) state. MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-0081 CVE-2020-20216 NULL pointer dereference vulnerability in Mikrotik RouterOs CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-0078 CVE-2020-20212 NULL pointer dereference vulnerability in Mikrotik RouterOs CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-1792 No CVE Phicomm router K1 version has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Shanghai Phicomm Data Communication Technology Co., Ltd. is a technologically innovative enterprise that provides users with smart products and cloud services in the field of smart homes. The Phicomm router K1 version has a weak password vulnerability. Attackers can use this vulnerability to log in to the management backend and obtain sensitive information.
VAR-202107-1794 No CVE KGuard DVR has unauthorized access vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Yingying Information builds a smart road monitoring integration platform and has operated its own brand, KGuard, for many years. Its main products include home security combo kits for digital surveillance video recorders (Home Security ComboKit), etc. KGuard DVR has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information and execute arbitrary commands.
VAR-202107-1651 CVE-2021-33020 Vulnerability regarding lack of encryption of critical data in Philips Vue PACS CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Philips Vue PACS versions 12.2.x.x and prior use a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key. Philips Vue PACS has a vulnerability regarding the lack of encryption of critical data. Information may be obtained.
VAR-202107-1649 CVE-2021-27497 Vulnerability in Philips Vue PACS CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Philips Vue PACS versions 12.2.x.x and prior do not use or incorrectly use a protection mechanism that provides sufficient defense against directed attacks against the product. Philips Vue PACS contains an unspecified vulnerability. Information may be obtained or tampered with, and the service may be put into a denial of service (DoS) state.
VAR-202107-1648 CVE-2021-33018 Vulnerability in using cryptographic algorithms in Philips Vue PACS CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information.
VAR-202107-1647 CVE-2021-27501 Vulnerability in Philips Vue PACS CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Philips Vue PACS versions 12.2.x.x and prior do not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. Philips Vue PACS contains an unspecified vulnerability. Information may be obtained or tampered with, and the service may be put into a denial of service (DoS) state.