VARIoT IoT vulnerabilities database
| VAR-202103-1785 | No CVE | XINJE XL5E-16T ModbusTCP protocol has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
XINJE XL5E-16T is a series of Ethernet controller products.
XINJE XL5E-16T ModbusTCP protocol has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.
| VAR-202103-1790 | No CVE | MOXA AWK-1131A Ethernet 802LLC protocol has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Moxa is a leading manufacturer of industrial automation, providing complete industrial equipment networking, industrial computers and industrial network solutions, and is committed to the joint promotion and practice of industrial Internet.
The MOXA AWK-1131A Ethernet 802LLC protocol has a denial of service vulnerability, which can be exploited by an attacker to cause the device to fail to work normally.
| VAR-202103-1791 | No CVE | XINJE XDME-30T4-E ModbusTCP protocol has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
XINJE XDME-30T4-E is a controller product of the Ethernet series.
XINJE XDME-30T4-E ModbusTCP protocol has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.
| VAR-202103-1797 | No CVE | The ARP protocol of MITSUBISHI Electric FX5U-32MT/ES has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Mitsubishi Electric FX5U-32MT/ES is a programmable logic controller (PLC) product of the MELSEC FX series.
The ARP protocol of MITSUBISHI Electric FX5U-32MT/ES has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to fail to work normally.
| VAR-202103-1637 | No CVE | China Mobile Communications Group Co., Ltd. GM619 has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
China Mobile Communications Group Co., Ltd. is a mobile communications operator whose business scope includes: basic telecommunications services; value-added telecommunications services, etc.
China Mobile Communications Group Co., Ltd. GM619 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1638 | No CVE | Prolink Technology Co., Ltd. TL-ER7520G has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
TL-ER7520G is a new generation of all-gigabit enterprise router products.
Universal Technology Co., Ltd. TL-ER7520G has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1639 | No CVE | Universal Technology Co., Ltd. TL-ER5520G has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
TL-ER5520G is a gigabit router.
Prolink Technology Co., Ltd. TL-ER5520G has a denial of service vulnerability. Attackers can use the vulnerability to cause a denial of service.
| VAR-202103-1640 | No CVE | Skyworth Digital Co., Ltd. DT741-csg has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users.
Skyworth Digital Co., Ltd. DT741-csg has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1644 | No CVE | Skyworth Digital Co., Ltd. DT541-csg has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users.
Skyworth Digital Co., Ltd. DT541-csg has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1645 | No CVE | Skyworth Digital Co., Ltd. DT541 has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users.
Skyworth Digital Co., Ltd. DT541 has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service.
| VAR-202103-1646 | No CVE | Skyworth Digital Co., Ltd. DT521 has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users.
Skyworth Digital Co., Ltd. DT521 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1647 | No CVE | Schneider TM218LDAE24DRHN IPv4 protocol stack has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
TM218LDAE24DRHN is a programmable logic controller (PLC) product of Modicon owned by Schneider Electric, France.
The Schneider TM218LDAE24DRHN IPv4 protocol stack has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.
| VAR-202103-1648 | No CVE | XINJE XL5E-16T has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
XINJE XL5E-16T PLC unit is a series of Ethernet controller products.
XINJE XL5E-16T has a denial of service vulnerability. An attacker can use this vulnerability to cause the device to fail to work normally.
| VAR-202103-1652 | No CVE | D-Link Electronic Equipment (Shanghai) Co., Ltd. DIR-878 has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
D-Link Electronic Equipment (Shanghai) Co., Ltd. is a company mainly engaged in network equipment, wireless equipment, switches and other projects.
D-Link Electronic Equipment (Shanghai) Co., Ltd. DIR-878 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202103-1653 | No CVE | SIEMENS SCALANCE X208 has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
SCALANCE X208 is a Siemens switch.
SIEMENS SCALANCE X208 has a denial of service vulnerability, which can be exploited by an attacker to cause the device to fail to work normally.
| VAR-202103-1654 | No CVE | Advantech EKI-1524 has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
EKI-1524 is a serial device networking server.
Advantech EKI-1524 has a denial of service vulnerability, which can be exploited by an attacker to cause the device to automatically restart.
| VAR-202103-1655 | No CVE | XINJE XDME-30T4-E Ethernet protocol has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
XINJE XDME-30T4-E is a controller product of the Ethernet series.
XINJE XDME-30T4-E Ethernet protocol has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and not work properly.
| VAR-202103-1322 | CVE-2021-25252 | plural Trend Micro Resource depletion vulnerability in the product |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: Medium |
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. plural Trend Micro The product contains a resource depletion vulnerability.Denial of service (DoS) It may be put into a state
| VAR-202103-1589 | CVE-2021-1470 | Cisco Systems Cisco Catalyst SD-WAN Manager Input verification vulnerability in |
CVSS V2: - CVSS V3: 4.9 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
This vulnerability is due to improper input validation of SQL queries to an affected system. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the vManage database or the underlying operating system.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco Systems Cisco Catalyst SD-WAN Manager There is an input validation vulnerability in.Information may be tampered with
| VAR-202103-1626 | CVE-2021-1462 | Cisco Systems Cisco Catalyst SD-WAN Manager Input verification vulnerability in |
CVSS V2: - CVSS V3: 4.4 Severity: MEDIUM |
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system.
The vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to an affected system with an Administrator account and creating a malicious file, which the system would parse at a later time. A successful exploit could allow the attacker to obtain root privileges on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Systems Cisco Catalyst SD-WAN Manager There is an input validation vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state