VARIoT IoT vulnerabilities database
| VAR-202504-3404 | CVE-2025-28035 | OS command injection vulnerability in multiple TOTOLINK products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. Multiple TOTOLINK products, including A830R firmware, A3100R firmware and A810R firmware, among others, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A830R is a wireless dual-band router from China's TOTOLINK Electronics.
| VAR-202504-3481 | CVE-2025-28029 | Stack-based buffer overflow vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 7.3 Severity: HIGH |
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi. Multiple TOTOLINK products, including A830R firmware, A950RG firmware and A3000RU firmware, among others, contain a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-3453 | CVE-2025-28027 | Stack-based buffer overflow vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 7.3 Severity: HIGH |
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi. Multiple TOTOLINK products, including A830R firmware, A950RG firmware and A3000RU firmware, among others, contain a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-3475 | CVE-2025-28026 | Stack-based buffer overflow vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 7.3 Severity: HIGH |
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi. Multiple TOTOLINK products, including A830R firmware, A950RG firmware and A3000RU firmware, among others, contain a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-3411 | CVE-2025-28037 | OS command injection vulnerability in TOTOLINK A810R and A950RG firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter. TOTOLINK A810R firmware and A950RG firmware contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A950RG and TOTOLINK A810R are both products of China's TOTOLINK Electronics. TOTOLINK A950RG is a super-generation Giga wireless router. TOTOLINK A810R is a wireless dual-band router. Attackers can exploit this vulnerability to execute arbitrary commands.
| VAR-202504-3390 | CVE-2025-28031 | Use of hardcoded password vulnerability in TOTOLINK A810R firmware |
CVSS V2: 6.1 CVSS V3: 6.5 Severity: MEDIUM |
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini. TOTOLINK A810R firmware contains a vulnerability related to the use of hardcoded passwords. Information may be obtained and tampered with. TOTOLINK A810R is a wireless dual-band router from China's TOTOLINK Electronics.
TOTOLINK A810R V4.1.2cu.5182_B20201026 has a trust management vulnerability, which is caused by a hard-coded password in product.ini. Attackers can exploit this vulnerability to cause authentication errors.
| VAR-202504-3251 | CVE-2025-28030 | Stack-based buffer overflow vulnerability in TOTOLINK A810R firmware |
CVSS V2: 10.0 CVSS V3: 8.8 Severity: HIGH |
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in the setParentalRules function. TOTOLINK A810R firmware contains a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A810R is a wireless dual-band router from China's TOTOLINK Electronics.
TOTOLINK A810R V4.1.2cu.5182_B20201026 has a buffer overflow vulnerability. The vulnerability is caused by the startTime and endTime parameters in the setParentalRules function failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
| VAR-202504-3327 | CVE-2025-28024 | Classic buffer overflow vulnerability in TOTOLINK A810R firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in cstecgi.cgi. TOTOLINK A810R firmware contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). TOTOLINK A810R is a wireless dual-band router from China's TOTOLINK Electronics. The vulnerability is caused by cstecgi.cgi failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
| VAR-202504-3389 | CVE-2025-28034 | OS command injection vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter. Multiple TOTOLINK products, including A800R firmware, A810R firmware and A830R firmware, among others, contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-3329 | CVE-2025-28033 | Stack-based buffer overflow vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 7.3 Severity: HIGH |
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter. Multiple TOTOLINK products, including A800R firmware, A810R firmware and A830R firmware, among others, contain a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-3345 | CVE-2025-28032 | Stack-based buffer overflow vulnerability in multiple TOTOLINK products |
CVSS V2: - CVSS V3: 7.3 Severity: HIGH |
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter. Multiple TOTOLINK products, including A800R firmware, A810R firmware and A830R firmware, among others, contain a stack-based buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202504-4020 | No CVE | Netshi Technology Co., Ltd. W1 series routers have unauthorized access vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Founded in 2016, Netshi Technology Co., Ltd. is a high-tech enterprise focusing on the research, development, production and sales of data communication network equipment.
Netshi Technology Co., Ltd.'s W1 series routers have an unauthorized access vulnerability that attackers can exploit to obtain sensitive information.
| VAR-202504-3808 | No CVE | Beijing Zhixin Microelectronics Technology Co., Ltd.'s intelligent fusion terminal has industrial control equipment vulnerabilities |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
Beijing Zhixin Microelectronics Technology Co., Ltd. is a high-tech enterprise focusing on the field of microelectronics.
Beijing Zhixin Microelectronics Technology Co., Ltd.'s intelligent fusion terminal has an industrial control equipment vulnerability, which can be exploited by attackers to obtain server permissions.
| VAR-202504-3648 | No CVE | TOSHIBA e-STUDIO4508A has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TOSHIBA e-STUDIO4508A is a high-performance black-and-white digital multifunction printer suitable for office environments, providing printing, copying and scanning functions.
TOSHIBA e-STUDIO4508A has a weak password vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-3734 | No CVE | MOBOTIX S14 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOBOTIX S14 is a camera.
MOBOTIX S14 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-3512 | No CVE | MOBOTIX P25 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOBOTIX P25 is a high-performance smart network camera.
MOBOTIX P25 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-3879 | No CVE | Shenzhen Bilian Electronics Co., Ltd. BL-LTE300 has a binary vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
BL-LTE300 is a home router.
Shenzhen Bilian Electronics Co., Ltd. BL-LTE300 has a binary vulnerability that can be exploited by attackers to cause a denial of service.
| VAR-202504-3877 | No CVE | MOBOTIX D10 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOBOTIX D10 is a high-performance smart network camera.
MOBOTIX D10 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-3812 | No CVE | MOBOTIX D22 has an unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MOBOTIX D22 is a camera.
MOBOTIX D22 has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information.
| VAR-202504-4090 | No CVE | Shenzhen Jixiang Tengda Technology Co., Ltd. A15 has a binary vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
A15 is a dual-band 3G wireless router suitable for fiber-optic homes within 1000M.
Shenzhen Jixiang Tengda Technology Co., Ltd. A15 has a binary vulnerability that can be exploited by attackers to cause a denial of service.