VARIoT IoT vulnerabilities database
| VAR-202105-1563 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24691) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1564 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24692) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1565 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24693) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1566 | No CVE | WebAccess/HMI Designer has memory out-of-bounds access vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an out-of-bounds memory access vulnerability, which can be exploited by attackers to cause denial of service.
| VAR-202105-1567 | No CVE | WebAccess/HMI Designer has a memory corruption vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a memory corruption vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1568 | No CVE | WebAccess/HMI Designer has a denial of service vulnerability (CNVD-2021-24696) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1569 | No CVE | ForceControl has a denial of service vulnerability (CNVD-2021-24698) |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1570 | No CVE | ForceControl has a denial of service vulnerability (CNVD-2021-24699) |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1571 | No CVE | ForceControl has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
ForceControl is a general-purpose human-machine visual monitoring configuration software, and it is the first automation software product in China that uses distributed real-time database technology as its core.
ForceControl has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1572 | No CVE | Integer overflow vulnerability exists in WebAccess/HMI Designer |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an integer overflow vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1573 | No CVE | WebAccess/HMI Designer has memory out-of-bounds access vulnerability (CNVD-2021-24532) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has an out-of-bounds memory access vulnerability, which can be exploited by attackers to cause denial of service.
| VAR-202105-1574 | No CVE | WebAccess/HMI Designer has a memory corruption vulnerability (CNVD-2021-24533) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
WebAccess/HMI Designer is a man-machine interface integrated development tool.
WebAccess/HMI Designer has a memory corruption vulnerability, which can be exploited by an attacker to cause a denial of service.
| VAR-202105-1660 | No CVE | Weak password vulnerability exists in WayOS intelligent routing management system (CNVD-2021-24518) |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
WayOS intelligent routing management system is designed by Weimen Technology for small and medium-sized enterprises, Internet cafes, rental houses, supermarkets and other industry scenarios, highlighting Internet behavior management, bandwidth overlay, smart QOS, PPP0E authentication server, WeChat and WiFi , Advertising and marketing functions.
The WayOS intelligent routing management system has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1661 | No CVE | NBR router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks Co., Ltd. is a data communication solution provider.
NBR routers have weak password vulnerabilities. Attackers can use the vulnerability to log in to the device with a weak password to obtain sensitive information.
| VAR-202105-1665 | No CVE | Feiyuxing Technology Development Co., Ltd. Volans has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Chengdu Feiyuxing Technology Co., Ltd. was established in 2002 as a high-tech enterprise focusing on product innovation and research and development in the data communication industry and the Internet of Things industry.
Volans of Feiyuxing Technology Development Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1669 | No CVE | Universal Technology Co., Ltd. USG2130 has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TL-ER2220G is a dual-core multi-WAN port gigabit enterprise VPN router from Prolink Technology Co., Ltd.
Universal Technology Co., Ltd. USG2130 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1671 | No CVE | H3C ER3200 router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ER3200 is a high-performance router launched by H3C.
The H3C ER3200 router has a weak password vulnerability. Attackers use this vulnerability to log in to the background of the system to obtain sensitive information.
| VAR-202105-1672 | No CVE | Multiple Huawei products have weak password vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Secoway USG2160BSR is a firewall of Huawei Technologies Co., Ltd., Huawei SRG3230 is a gateway, and Huawei SRG1220 is a router of Huawei Technologies Co., Ltd.
Many Huawei products have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1673 | No CVE | Many products of New H3C Technology Co., Ltd. have weak password vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ER5100 is a high-performance gigabit downstream router. ER5200G2 is a new generation of enterprise-class gigabit high-performance router. GR5200 is a new generation of high-performance enterprise-class routers.
Many products of New H3C Technology Co., Ltd. have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.
| VAR-202105-1674 | No CVE | HUAWEI SRG1220w has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SRG1220w is a router.
HUAWEI SRG1220w has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.