VARIoT IoT vulnerabilities database


VAR-202106-2030 No CVE D-Link DIR-809 has a binary vulnerability (CNVD-2021-36484) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
D-Link DIR-809 is a wireless router using RTOS. D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
VAR-202106-2031 No CVE D-Link DIR-809 has a binary vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
D-Link DIR-809 is a wireless router using RTOS. D-Link DIR-809 has a binary vulnerability, which can be exploited by an attacker to cause a denial of service.
VAR-202106-2131 No CVE NETGEAR WGR614v7 has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
WGR614v7 is a wireless router device. NETGEAR WGR614v7 has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202106-1218 CVE-2021-33534 OS command injection vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller.
VAR-202106-1217 CVE-2021-33533 OS command injection vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller.
VAR-202106-1206 CVE-2021-33537 Classic buffer overflow vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. A classic buffer overflow vulnerability exists in multiple Weidmueller Industrial WLAN devices. Information may be obtained or tampered with, and the service may be put into a denial-of-service (DoS) state. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller.
VAR-202106-1220 CVE-2021-33536 Integer underflow vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable denial-of-service vulnerability exists in the ServiceAgent functionality. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability. Multiple Weidmueller Industrial WLAN devices contain an integer underflow vulnerability. The device may be put into a denial-of-service (DoS) state. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller.
VAR-202106-1207 CVE-2021-33538 Vulnerabilities in multiple Weidmueller Industrial WLAN devices CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. An unspecified vulnerability exists in multiple Weidmueller Industrial WLAN devices. Information may be obtained or tampered with, and the service may be put into a denial-of-service (DoS) state. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller.
VAR-202106-1219 CVE-2021-33535 Format string vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller. Attackers can use this vulnerability to cause remote code execution.
VAR-202106-1208 CVE-2021-33539 Authentication vulnerability in multiple Weidmueller Industrial WLAN devices CVSS V2: 6.5
CVSS V3: 7.2
Severity: HIGH
In multiple versions of Weidmueller Industrial WLAN devices, an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. An authentication vulnerability exists in multiple Weidmueller Industrial WLAN devices. Information may be obtained or tampered with, and the service may be put into a denial-of-service (DoS) state. Weidmueller Industrial WLAN devices are industrial control WLAN devices from the German company Weidmueller. Attackers can use this vulnerability to bypass web authentication.
VAR-202106-2127 No CVE CommScope ARRIS Touchstone Telephony Modem has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
CommScope Technology (Suzhou) Co., Ltd. is mainly engaged in research, development, manufacturing, and promotion of communication optical cables, components and raw materials, optical cables, cables, broadband access network communication system equipment and materials, etc. CommScope's ARRIS Touchstone Telephony Modem has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202106-2128 No CVE XMDNS-6800 Dynamic System has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Simer Technology is a high-tech enterprise integrating R&D, production and sales. It is an equipment manufacturer focusing on Internet management and optimization. It is also a manufacturer of smart home products and solutions, smart locks, smart DNS, and other products. XMDNS-6800 Dynamic System has a command execution vulnerability. An attacker can use this vulnerability to gain server permissions.
VAR-202106-2129 No CVE NETGEAR WNDR3300 has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NETGEAR WNDR3300 is a wireless router. NETGEAR WNDR3300 has an information disclosure vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202106-2130 No CVE NETGEAR WNR2200 has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NETGEAR WNR2200 is a wireless router device. NETGEAR WNR2200 has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202106-2132 No CVE Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Electro Industries/GaugeTech (abbreviated as "EIG Corporation of America") is a manufacturer of microprocessor-based digital power meters. Electro Industries/GaugeTech Total Web Solutions has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202106-2133 No CVE Unauthorized access vulnerability exists in Belkin Router CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Belkin is a supplier in the aftermarket, providing power, protection, production, connectivity, audio, security and home automation solutions for a wide range of consumer electronics and corporate environments. Belkin Router has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202106-2305 No CVE OPPO Find x has an information disclosure vulnerability CVSS V2: 6.6
CVSS V3: -
Severity: MEDIUM
OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communications Co., Ltd. OPPO Find x has an information disclosure vulnerability. A malicious app that applies only for the commonly used read permission for external storage space can monitor the content of the user's calls through the exposed component.
VAR-202106-2306 No CVE Information disclosure vulnerability exists in Lenovo K5 Pro mobile phone CVSS V2: 3.6
CVSS V3: -
Severity: LOW
The Lenovo K5 Pro mobile phone is a very low-priced mass-market model released by Lenovo in mid-October 2018. The Lenovo K5 Pro mobile phone has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202106-2307 No CVE Information disclosure vulnerability exists in Hisense A5 series mobile phones CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hisense owns Hisense Video (600060) and Hisense Home Appliances (000921), two listed companies in Shanghai, Shenzhen, and Hong Kong. Its subsidiaries include Hisense, Toshiba, Gorenje, Kelon, Rongsheng (Ronshen), ASKO and many other brands. Hisense A5 series mobile phones have an information leakage vulnerability. Attackers can use the vulnerability to monitor the content of the user's calls.
VAR-202106-2308 No CVE Brickcom FB-200Np camera has logic flaw vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Based in Taiwan, BRICS Communication Technology is committed to developing a full range of security surveillance system products, and has established its own brand "Brickcom" and a complete distribution channel system in the Americas, Europe, Asia, New Zealand and Australia. Brickcom FB-200Np camera has a logic flaw vulnerability. Attackers can use the record list to add administrators beyond their authority.