VARIoT IoT vulnerabilities database

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. An attacker could exploit this vulnerability to cause a system reboot. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There are security vulnerabilities in several Huawei SmartPhone, which stems from the lack of effective permissions and access control measures in the products. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones

There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones

There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There are security vulnerabilities in several Huawei SmartPhone, which stems from the lack of effective permissions and access control measures in the products. The following products and versions are affected: EMUI 10.1.1, Magic UI 3.1.1

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low Energy (BLE) connectivity to read and write to many BLE characteristics on the device. Some of these control the flow of water, the sensitivity of the sensors, and information about maintenance. plural Sloan SmartFaucet The product contains an authentication vulnerability.Information may be obtained and information may be tampered with

TP-LINK Technology Co., Ltd. ("TP-LINK" for short) is the world's leading supplier of network communication equipment. Many TPLINK routers have binary vulnerabilities, which can be exploited by attackers to cause denial of service.

Shenzhen Xunjie Communication Technology Co., Ltd. (hereinafter referred to as FAST) is a provider of user-end network and communication technology and equipment in China. Founded in 2002, headquartered in Shenzhen High-tech Industrial Zone. It is a high-tech enterprise with a complete independent research and development, manufacturing and marketing system. FAST FWB201S, FWB505, FAC1203R, and FWB200 have a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

TP-Link TL-WDR5620 is an intelligent router. TP-Link TL-WDR5650 is a dual-band wireless router. TP-LINK TL-WR842N is a wireless router. TP-link TL-WDR7660, TL-WDR7620, TL-WDR7661, TL-WDR7650 and TL-R470P-AC are all gigabit routers. TP-link TL-WA933RE is a wireless extender for mobile phones. Many TPLINK routers have stack overflow vulnerabilities. Attackers can use the vulnerability to cause stack buffer overflow.

Shenzhen Xunjie Communication Technology Co., Ltd. (hereinafter referred to as FAST) is a provider of user-end network and communication technology and equipment in China. Founded in 2002, headquartered in Shenzhen High-tech Industrial Zone. It is a high-tech enterprise with a complete independent research and development, manufacturing and marketing system. FAST FWB201S, FWB505, FAC1203R, and FWB200 have a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

Shenzhen Meikexing Communication Technology Co., Ltd. (hereinafter referred to as MERCURY) was established in 2001. Its business scope includes: general business items are: computer wireless local area network products, computer software and hardware, communication equipment, electronic products, network security equipment technology development, etc. . MERCURY M6G, D196G, MW310RE, MIAP1200GP have a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service.