VARIoT IoT vulnerabilities database

Tianxin Instrument Group Co., Ltd. is a professional service provider of domestic flow meters and gas application system solutions. The Tianxin SCADA system of Tianxin Instrument Group Co., Ltd. has a SQL injection vulnerability. Attackers can use vulnerabilities to obtain sensitive information in the database.

Zhejiang Yushi Technology Co., Ltd. (abbreviated as: Yushi) was founded in 2011 and is a global public safety and intelligent transportation solution provider. Zhejiang Yushi Technology Co., Ltd. media player has a weak password vulnerability. Attackers can use the vulnerability to enter the default password to log in to obtain sensitive information.

Tianyi broadband government-enterprise gateway A8-C is China Telecom's fiber optic modem. Tianyi Broadband's government-enterprise gateway A8-C has unauthorized loopholes. Attackers can use vulnerabilities to cause resets to override their authority.

Tianyi broadband government-enterprise gateway A8-C (8+8) is a broadband broadband for telecom enterprises. Tianyi broadband government-enterprise gateway A8-C (8+8) has logic flaws. Attackers can use the vulnerability to cause any user to modify the LOID and cause the entire gateway to disconnect.

The business scope of Xiamen Lionfish Network Technology Co., Ltd. includes: Internet of Things technical services; Internet of Things application services; Internet of Things equipment manufacturing; Internet of Things equipment sales, etc. The Lionfish community group buying system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information in the database.

Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page. McAfee Web Gateway (MWG) Vulnerability in privilege managementInformation is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. McAfee Web Gateway is a high-performance secure Web gateway, using a unified device software architecture, with best-in-class threat protection. The vulnerability stems from the non-neutralization of user input in the troubleshooting page. Attackers can use this vulnerability to gain elevated privileges. There is no relevant information about this vulnerability at present. Please keep an eye on CNNVD or vendor announcements

Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account. There is a security vulnerability in Tesla SolarCity Solar Monitoring Gateway. There is no information about this vulnerability at present. Please keep an eye on CNNVD or manufacturer announcements

A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device. Cisco StarOS Is vulnerable to a resource exhaustion.Denial of service (DoS) It may be put into a state. Cisco StarOS operating system is an operating system of Cisco in the United States. Provide subscriber management service for mobile packet core network. There is a resource management error vulnerability in the Cisco StarOS operating system, which originates from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory. Please keep an eye on CNNVD or vendor announcements

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco Webex Meetings Contains a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. There is a security vulnerability in Cisco Webex Meetings. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or vendor announcements

A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected software. An attacker with permissions to view system memory could exploit this vulnerability by running an application on the local system that is designed to read shared memory. A successful exploit could allow the attacker to retrieve sensitive information from the shared memory, including usernames, meeting information, or authentication tokens. Note: To exploit this vulnerability, an attacker must have valid credentials on a Microsoft Windows end-user system and must log in after another user has already authenticated with Webex on the same end-user system. There is no information about this vulnerability at present. Please keep an eye on CNNVD or vendor announcements

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. Windows for Cisco AnyConnect Secure Mobility Client Exists in a digital signature validation vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. There is a security vulnerability in Cisco AnyConnect Secure Mobility Client. There is no information about this vulnerability at present. Please keep an eye on CNNVD or vendor announcements

Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access. Intel(R) Graphics Driver Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. There is a security vulnerability in the Intel Graphics Driver. There is no information about this vulnerability at present. Please keep an eye on CNNVD or the manufacturer's announcement

The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value

FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. FileZen is a device for secure file transfer and sharing via email or web interface. FileZen 3.0.0-4.2.7, 5.0.0-5.0.2 have OS command injection vulnerabilities

A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability. Advantech WebAccess/SCADA Contains a path traversal vulnerability.Information may be obtained. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. There is a path traversal vulnerability in Advantech WebAccess/SCADA, which originates from the failure of network systems or products to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs. RACOM M!DGE is a cellular router designed for mission-critical applications such as SCADA and telemetry, and is very suitable for many different wireless applications. Attackers can use this vulnerability to execute javascript code through sms.php

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. Racom's MIDGE Firmware Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. RACOM M!DGE is a cellular router designed for mission-critical applications such as SCADA and telemetry, and is very suitable for many different wireless applications. Attackers can use this vulnerability to elevate permissions through configd