VARIoT IoT vulnerabilities database
| VAR-202107-1806 | No CVE | Binary vulnerabilities exist in many AC routers of Shenzhen Jixiang Tengda Technology Co., Ltd. |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment.
Many AC routers of Shenzhen Jixiang Tengda Technology Co., Ltd. have binary vulnerabilities, which can be exploited by attackers to cause denial of service attacks.
| VAR-202107-1807 | No CVE | Many Tenda AC routers have stack buffer overflow vulnerabilities |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment.
Many Tenda AC routers have stack buffer overflow vulnerabilities, which can be exploited by attackers to cause denial of service attacks.
| VAR-202107-1903 | No CVE | Alibaba Smart APP has Janus vulnerability |
CVSS V2: 6.2 CVSS V3: - Severity: MEDIUM |
Ali Smart App is a mobile client made by Alibaba based on its Ali Smart Internet of Things platform.
Alibaba Smart APP has a Janus vulnerability, which can be exploited by an attacker to gain control of the server.
| VAR-202107-1906 | No CVE | New H3C SecPath ACG1000 has file inclusion vulnerabilities |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
H3C SecPath ACG1000 is a new generation application control gateway.
H3C SecPath ACG1000 has a file inclusion vulnerability, which can be exploited by attackers to gain control of the server.
| VAR-202107-0298 | CVE-2021-20507 | Cross-site scripting vulnerabilities in IBM Jazz Foundation and IBM Engineering products |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The vendor has published this vulnerability as IBM X-Force ID: 198235. Information may be obtained and tampered with.
| VAR-202107-1208 | CVE-2021-3550 | Uncontrolled search path element vulnerability in Lenovo PCManager |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation. Lenovo PCManager contains an uncontrolled search path element vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). Lenovo PCManager (Lenovo Computer Manager) is software from Lenovo of China that can comprehensively manage PC devices.
| VAR-202107-1808 | No CVE | Unauthorized access vulnerabilities in multiple Dell printers |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Dell is known for its production, design, and sales of home and office computers, but it is also involved in the high-end computer market, producing and selling servers, data storage equipment, and network equipment.
Many Dell printers have unauthorized access vulnerabilities. Attackers can use these vulnerabilities to obtain sensitive information and perform unauthorized operations.
| VAR-202107-1809 | No CVE | Ruijie RG-UAC 6000-ISG video access security gateway has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
RG-UAC 6000-ISG series video surveillance security gateway is a video surveillance network security reinforcement product independently developed by Ruijie Networks.
The RG-UAC 6000-ISG video access security gateway has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.
| VAR-202107-1811 | No CVE | Unauthorized access vulnerabilities in multiple Fujifilm printers |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Fujifilm has developed into one of the world's largest manufacturers and suppliers of comprehensive imaging, information, and document processing products and services.
Unauthorized access vulnerabilities exist in many Fujifilm printers. Attackers can use these vulnerabilities to obtain sensitive information and perform unauthorized operations.
| VAR-202107-1812 | No CVE | Lexmark T640 has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Lexmark T640 is a printer product.
Lexmark T640 has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.
| VAR-202107-1813 | No CVE | Unauthorized access vulnerability exists in Finetree-5MP-Network-Camera |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Finetree-5MP-Network-Camera is a network camera.
An unauthorized access vulnerability exists in Finetree-5MP-Network-Camera. Attackers can use this vulnerability to obtain sensitive information.
| VAR-202107-1814 | No CVE | Finetree 5MP Network Camera has logic flaw vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
5MP Network Camera is a camera product.
Finetree 5MP Network Camera has a logic flaw vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1819 | No CVE | Information disclosure vulnerability exists in Meizu 16s pro |
CVSS V2: 4.7 CVSS V3: - Severity: MEDIUM |
Meizu 16s pro is a smart phone produced by Zhuhai Meizu Technology Co., Ltd.
Meizu 16s pro has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1867 | No CVE | OnePlus 8T has an information disclosure vulnerability |
CVSS V2: 4.7 CVSS V3: - Severity: MEDIUM |
OnePlus 8T is a smart phone.
OnePlus 8T has an information disclosure vulnerability. Attackers can use it to obtain sensitive user information.
| VAR-202107-0022 | CVE-2020-12732 | Vulnerability regarding insufficient protection of authentication information in DEPSTECH WiFi Digital Microscope 3 |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678. DEPSTECH WiFi Digital Microscope is a WiFi industrial endoscope manufactured by Shenzhen Deep Sea Innovation Technology Co., Ltd., China.
| VAR-202107-0024 | CVE-2020-12734 | Vulnerability regarding insufficient protection of authentication information in DEPSTECH WiFi Digital Microscope 3 |
CVSS V2: 4.8 CVSS V3: 8.1 Severity: HIGH |
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings. DEPSTECH WiFi Digital Microscope 3 has a vulnerability regarding inadequate protection of credentials. Information may be tampered with and service operation may be interrupted (DoS). DEPSTECH WiFi Digital Microscope is a WiFi industrial endoscope manufactured by Shenzhen Deep Sea Innovation Technology Co., Ltd., China.
| VAR-202107-0021 | CVE-2020-12731 | Vulnerability in plaintext storage of critical information in the MagicMotion Flamingo 2 application for Android |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications. MagicMotion Flamingo is a wearable vibrator produced by the MagicMotion company in China. Attackers can use this vulnerability to read that data from other applications.
| VAR-202107-0019 | CVE-2020-12729 | MagicMotion Flamingo information disclosure vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors. MagicMotion Flamingo 2 has a vulnerability related to information leakage. Information may be obtained. MagicMotion Flamingo is a wearable vibrator produced by the MagicMotion company in China.
| VAR-202107-0020 | CVE-2020-12730 | Vulnerability regarding lack of encryption of critical data in MagicMotion Flamingo 2 |
CVSS V2: 2.9 CVSS V3: 5.3 Severity: MEDIUM |
MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. MagicMotion Flamingo 2 has a vulnerability in the lack of encryption of critical data. Information may be obtained. MagicMotion Flamingo is a wearable vibrator produced by the MagicMotion company in China. Attackers can use this vulnerability to sniff data and forge data packets.
| VAR-202107-0573 | CVE-2021-21587 | Vulnerability regarding information leakage in Dell Wyse Management Suite |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders. The offering includes Wyse endpoint centralized management, asset tracking and automatic device discovery.