VARIoT IoT vulnerabilities database


VAR-202103-1798 No CVE ZTE Corporation ZXHN F612 has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
ZXHN F612 is a simple xPON HGU terminal used in FTTH scenarios. ZTE Corporation ZXHN F612 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service attack.
VAR-202103-1802 No CVE ZTE Corporation ZXHN F452 has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
ZTE Corporation is the world's leading provider of integrated communications solutions. ZXHN F452 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service attack.
VAR-202103-1806 No CVE Wuxi Kaiyun Information Technology Co., Ltd. has an information leakage vulnerability in its website construction system CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Wuxi Kaiyun Information Technology Co., Ltd. focuses on informatization construction, and uses the Internet, Internet of Things, artificial intelligence, big data and cloud computing technology to provide local science and technology associations, enterprises and social organizations with one-stop information technology services such as business consulting, solutions, customized development, and operation and maintenance. Wuxi Kaiyun Information Technology Co., Ltd. has an information leakage vulnerability in its website building system. Attackers can use this vulnerability to obtain sensitive information.
VAR-202103-1669 No CVE New H3C Technology Co., Ltd. H3C ERG2-1350W router has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
H3C ERG2-1350W is a router of New H3C Technology Co., Ltd. New H3C Technology Co., Ltd. H3C ERG2-1350W router has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202103-1658 No CVE Shenzhen Meikexing Communication Technology Co., Ltd. YR1881XG has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
YR1881XG is a router. Shenzhen Meikexing Communication Technology Co., Ltd. YR1881XG has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service by sending carefully constructed data packets.
VAR-202103-1661 No CVE Universal Technology Co., Ltd. TL-ER6229GPE-AC has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
TL-ER6229GPE-AC is a gigabit router. Universal Technology Co., Ltd. TL-ER6229GPE-AC has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service by sending carefully constructed data packets.
VAR-202103-1665 No CVE Xinje Electric touch screen editing software Twin has a memory corruption vulnerability (CNVD-2021-12893) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Wuxi Xinjie Electric Co., Ltd. is a well-known domestic enterprise focusing on the development and application of industrial automation products. Xinje Electric's touch screen editing software Twin has a memory corruption vulnerability. Attackers can use this vulnerability to cause a denial of service.
VAR-202103-1666 No CVE Xinje Electric touch screen editing software Twin has a memory corruption vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Wuxi Xinjie Electric Co., Ltd. is a well-known domestic enterprise focusing on the development and application of industrial automation products. Xinje Electric's touch screen editing software Twin has a memory corruption vulnerability. Attackers can use this vulnerability to cause a denial of service.
VAR-202103-1442 CVE-2021-28375 Linux Kernel vulnerability in privilege management CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. The vendor has published this vulnerability as CID-20c40794eb85. This vulnerability is related to CVE-2019-2308. Information may be obtained or tampered with, and service may be disrupted (DoS). This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases.

==========================================================================
Ubuntu Security Notice USN-4949-1
May 11, 2021

linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS

Summary: Several security issues were fixed in the Linux kernel.

A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489)

Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491)

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639)

Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930)

Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375)

It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264)

It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266)

It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650)

Update instructions: The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10:
  linux-image-5.8.0-1024-raspi 5.8.0-1024.27
  linux-image-5.8.0-1024-raspi-nolpae 5.8.0-1024.27
  linux-image-5.8.0-1027-kvm 5.8.0-1027.29
  linux-image-5.8.0-1029-oracle 5.8.0-1029.30
  linux-image-5.8.0-1031-gcp 5.8.0-1031.32
  linux-image-5.8.0-1032-azure 5.8.0-1032.34
  linux-image-5.8.0-1033-aws 5.8.0-1033.35
  linux-image-5.8.0-53-generic 5.8.0-53.60
  linux-image-5.8.0-53-generic-64k 5.8.0-53.60
  linux-image-5.8.0-53-generic-lpae 5.8.0-53.60
  linux-image-5.8.0-53-lowlatency 5.8.0-53.60
  linux-image-aws 5.8.0.1033.35
  linux-image-azure 5.8.0.1032.32
  linux-image-gcp 5.8.0.1031.31
  linux-image-generic 5.8.0.53.58
  linux-image-generic-64k 5.8.0.53.58
  linux-image-generic-lpae 5.8.0.53.58
  linux-image-gke 5.8.0.1031.31
  linux-image-kvm 5.8.0.1027.29
  linux-image-lowlatency 5.8.0.53.58
  linux-image-oem-20.04 5.8.0.53.58
  linux-image-oracle 5.8.0.1029.28
  linux-image-raspi 5.8.0.1024.27
  linux-image-raspi-nolpae 5.8.0.1024.27
  linux-image-virtual 5.8.0.53.58

Ubuntu 20.04 LTS:
  linux-image-5.8.0-53-generic 5.8.0-53.60~20.04.1
  linux-image-5.8.0-53-generic-64k 5.8.0-53.60~20.04.1
  linux-image-5.8.0-53-generic-lpae 5.8.0-53.60~20.04.1
  linux-image-5.8.0-53-lowlatency 5.8.0-53.60~20.04.1
  linux-image-generic-64k-hwe-20.04 5.8.0.53.60~20.04.37
  linux-image-generic-hwe-20.04 5.8.0.53.60~20.04.37
  linux-image-generic-lpae-hwe-20.04 5.8.0.53.60~20.04.37
  linux-image-lowlatency-hwe-20.04 5.8.0.53.60~20.04.37
  linux-image-virtual-hwe-20.04 5.8.0.53.60~20.04.37

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-4949-1
  CVE-2020-25639, CVE-2021-26930, CVE-2021-26931, CVE-2021-28375, CVE-2021-29264, CVE-2021-29265, CVE-2021-29266, CVE-2021-29646, CVE-2021-29650, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491

Package Information:
  https://launchpad.net/ubuntu/+source/linux/5.8.0-53.60
  https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1033.35
  https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1032.34
  https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1031.32
  https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1027.29
  https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1029.30
  https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1024.27
  https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-53.60~20.04.1
VAR-202103-1656 No CVE Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda AC6 has a binary vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Tenda AC6, etc. are all wireless router products of China Tenda. Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda AC6 has a binary vulnerability that can be exploited by attackers to cause a denial of service.
VAR-202103-1657 No CVE Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda AC6 has a binary vulnerability (CNVD-2021-12718) CVSS V2: 3.8
CVSS V3: -
Severity: LOW
Tenda AC6, etc. are all wireless router products of China Tenda. Tenda AC6 has a binary vulnerability. Attackers can use the vulnerability to construct parameters to cause the device to restart.
VAR-202103-1659 No CVE New H3C Technology Co., Ltd. H3C ER3100 has a weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
H3C ER3100 is a router from Hangzhou Huasan Communication Technology Co., Ltd. New H3C Technology Co., Ltd. H3C ER3100 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202103-1660 No CVE New H3C Technology Co., Ltd. H3C ER3200 has a weak password vulnerability (CNVD-2021-12741) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
H3C ER3200 is a router of New H3C Technology Co., Ltd. New H3C Technology Co., Ltd. H3C ER3200 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202103-1670 No CVE Many D-Link routers have weak password vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
D-Link Electronic Equipment (Shanghai) Co., Ltd. was registered and established in the Free Trade Zone Market Supervision Administration on August 13, 2002. The company's business scope includes routers, network cards, hubs, switches, converters, etc. in the region. Many D-Link routers have weak password vulnerabilities, which can be exploited by attackers to obtain sensitive information.
VAR-202103-1746 No CVE WANJUN WJ95-RJ45 has a denial of service vulnerability CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
WJ95-RJ45 is a collection module for the Internet of Things and Industrial Ethernet, which realizes the transparent data interaction between the sensor and the network. The data from the sensor can be forwarded to the network, or the data from the network can be forwarded to the sensor. WANJUN WJ95-RJ45 has a denial of service vulnerability. Attackers can use the vulnerability to cause a denial of service on the device by constructing specific network packets, which affects the normal operation of the controller.
VAR-202103-1662 No CVE An unauthorized access vulnerability exists in the Penguin Aurora Box CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
Penguin Aurora Box is a high-end network HD set-top box produced by Tencent Video and Skyworth Digital. An unauthorized access vulnerability exists in the Penguin Aurora Box. An attacker can use the vulnerability to gain unauthorized access to a specific link to remotely control the TV.
VAR-202103-0728 CVE-2021-20018 Authentication vulnerabilities in SonicWall SMA100 CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier. SonicWall SMA100 contains an authentication vulnerability. Information may be tampered with. SonicWall SMA100 is a secure access gateway device of SonicWALL in the United States.
VAR-202103-0727 CVE-2021-20017 OS command injection vulnerability in SonicWall SMA100 CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier. SonicWall SMA100 is a secure access gateway device of SonicWALL in the United States.
VAR-202103-0609 CVE-2021-21367 elementary OS for Switchboard Bluetooth Plug Authentication Vulnerability in Microsoft CVSS V2: 4.3
CVSS V3: 8.1
Severity: HIGH
Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running (in discoverable mode), Bluetooth service requests and pairing requests are automatically accepted, allowing physically proximate attackers to pair with a device running an affected version of switchboard-plug-bluetooth without the active consent of the user. By default, elementary OS doesn't expose any services via Bluetooth that allow information to be extracted by paired Bluetooth devices. However, if such services (i.e. contact list sharing software) have been installed, it's possible that attackers have been able to extract data from such services without authorization. If no such services have been installed, attackers are only able to pair with a device running an affected version without authorization and then play audio out of the device or possibly present a HID device (keyboard, mouse, etc.) to control the device. As such, users should check the list of trusted/paired devices and remove any that are not 100% confirmed to be genuine. This is fixed in version 2.3.5. To reduce the likelihood of this vulnerability on an unpatched version, only open the Bluetooth plug for short intervals when absolutely necessary and preferably not in crowded public areas. To mitigate the risk entirely with unpatched versions, do not open the Bluetooth plug within switchboard at all, and use a different method for pairing devices if necessary (e.g. `bluetoothctl` CLI). DanielForé switchboard-plug-bluetooth is an open source application software from DanielForé. A power strip bluetooth plug.
VAR-202103-1170 CVE-2021-26569 Race vulnerability in Synology DiskStation Manager CVSS V2: 6.8
CVSS V3: 8.1
Severity: HIGH
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests. Synology DiskStation Manager (DSM) is vulnerable to a race condition. Information may be obtained or tampered with, and service may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the iscsi_snapshot_comm_core service. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the current process. Synology DiskStation Manager (DSM) is an operating system for network storage servers (NAS) developed by Synology, Taiwan. The operating system can manage data, documents, photos, music and other information.