VARIoT IoT vulnerabilities database

VAR-202104-2055 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18287) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2056 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18285) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2057 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18286) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2058 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18288) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2059 No CVE An SQL injection vulnerability exists in the WDECP-IC card measurement management platform of Tangshan Liulin Automation Equipment Co., Ltd. CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise engaged in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. The WDECP-IC card measurement management platform of Tangshan Liulin Automation Equipment Co., Ltd. has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2060 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18289) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2061 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18291) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2062 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18290) CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2063 No CVE SQL injection vulnerability exists in the water rights trading system (CNVD-2021-18297) CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2064 No CVE SQL injection vulnerability exists in water rights trading system CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of the security communication terminal and smart application platform software of the Internet of Things. There is a SQL injection vulnerability in the water rights trading system. Attackers can use the vulnerability to obtain sensitive information in the database.
VAR-202104-2025 No CVE Unauthorized access vulnerability exists in ZXV10 W815N router of ZTE Corporation CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
ZTE Corporation is the world's leading provider of integrated communications solutions. The ZXV10 W815N router of ZTE Corporation has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202104-2026 No CVE Four-Faith router of Xiamen Four-Faith Communication Technology Co., Ltd. has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Xiamen Sixin Communication Technology Co., Ltd. is a national high-tech enterprise, a leading enterprise of small giants of scientific and technological innovation in Fujian Province, an IoT platform enterprise, an IoT technology expert, and a provider of IoT communication equipment and solutions. The Four-Faith router of Xiamen Four-Faith Communication Technology Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202104-2027 No CVE Unauthorized access vulnerability exists in ZXHN F460 of ZTE Corporation CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
ZXHN F460 is the optical modem of ZTE's EPON mode. There is an unauthorized access vulnerability in ZXHN F460 of ZTE Corporation. Attackers can use the vulnerability to obtain sensitive information.
VAR-202104-2028 No CVE Command execution vulnerability exists in ZXHN H168N of ZTE Corporation CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
ZTE Corporation is the world's leading provider of integrated communications solutions. ZTE Corporation ZXHN H168N has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands.
VAR-202104-2029 No CVE ZTE Corporation ZXHN H168N has an unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
ZTE Corporation is the world's leading provider of integrated communications solutions. ZTE Corporation ZXHN H168N has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202104-2030 No CVE RG-RSR series routers have weak password vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, and storage. The RG-RSR series routers have a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202104-2033 No CVE Command execution vulnerability exists in ZXHN F460 of ZTE Corporation CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
ZXHN F460 is the optical modem of ZTE's EPON mode. A command execution vulnerability exists in ZXHN F460 of ZTE Corporation. Attackers can use this vulnerability to execute arbitrary commands.
VAR-202104-1463 CVE-2021-29379 D-Link DIR-802 A1 OS command injection vulnerability CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. D-Link DIR-802 A1 has an OS command injection vulnerability. Information may be obtained or tampered with, and the device may be put into a denial-of-service (DoS) state. D-Link DIR-802 is a wireless router of D-Link company in Taiwan. D-Link DIR-802 A1 1.00b05 and earlier versions have a command injection vulnerability.
VAR-202104-1016 CVE-2021-27486 FATEK Automation WinProladder integer underflow vulnerability CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
FATEK Automation WinProladder versions 3.30 and prior are vulnerable to an integer underflow, which may cause an out-of-bounds write and allow an attacker to execute arbitrary code. WinProladder, provided by FATEK Automation, is ladder programming software for Windows. The official version of WinProLadder is a very good practical PLC programming tool.
VAR-202104-1666 CVE-2021-3128 ASUS RT-AX3000 Security hole CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.