VARIoT IoT vulnerabilities database
| VAR-202104-2047 | No CVE | KUKA.OfficeLite has a command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
KUKA.OfficeLite is KUKA's virtual robot controller.
KUKA.OfficeLite has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary code remotely through constructed data.
| VAR-202104-2048 | No CVE | Zhejiang Dahua Technology Co., Ltd. A3A04MG7 has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Zhejiang Dahua Technology Co., Ltd. is a smart IoT solution provider and operation service provider with video as the core.
Zhejiang Dahua Technology Co., Ltd. A3A04MG7 has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service.
| VAR-202104-2052 | No CVE | File upload vulnerability exists in KUKA.OfficeLite |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
KUKA.OfficeLite is KUKA's virtual robot controller.
KUKA.OfficeLite has a file upload vulnerability. An attacker can use the vulnerability to upload a webshell to gain server permissions.
| VAR-202104-2065 | No CVE | GX Works2 has a denial of service vulnerability (CNVD-2021-16895) |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
GX Works2 is a PLC programming software.
GX Works2 has an out-of-bounds memory access vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202104-2066 | No CVE | GX Works2 has an out-of-bounds memory access vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
GX Works2 is a PLC programming software.
GX Works2 has an out-of-bounds memory access vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202104-2067 | No CVE | EasyBuilder Pro has a denial of service vulnerability (CNVD-2021-16898) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
EasyBuilder Pro is a configuration software developed by Weilun.
EasyBuilder Pro has a denial of service vulnerability. An attacker can use this vulnerability to cause the process to fall into an endless loop, resulting in a denial of service.
| VAR-202104-2068 | No CVE | EasyBuilder Pro has a stack overflow vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
EasyBuilder Pro is a configuration software developed by Weilun.
EasyBuilder Pro has a stack overflow vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202104-2069 | No CVE | EasyBuilder Pro has a buffer overflow vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
EasyBuilder Pro is a configuration software developed by Weilun.
EasyBuilder Pro has a buffer overflow vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202104-2070 | No CVE | GX Works2 has a code injection vulnerability |
CVSS V2: 8.3 CVSS V3: - Severity: HIGH |
GX Works2 is a PLC programming software.
GX Works2 has a code injection vulnerability. An attacker can use this vulnerability to gain server permissions.
| VAR-202104-2031 | No CVE | ZTE Corporation IAD 16FXS has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ZTE Corporation is the world's leading provider of integrated communications solutions.
ZTE Corporation IAD 16FXS has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202104-2032 | No CVE | Unauthorized access vulnerability exists in the MAS mobile proxy server of China Mobile Communications Co., Ltd. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
MAS mobile proxy server is an access tool that assists enterprises in realizing wireless applications in their original business systems.
The MAS mobile proxy server of China Mobile Communications Co., Ltd. has an unauthorized access vulnerability. Attackers can use this vulnerability to access the background control interface and restart the device.
| VAR-202104-0754 | CVE-2021-20020 | Authentication vulnerabilities in SonicWall GMS |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root. SonicWall GMS contains an authentication vulnerability. Information may be obtained or tampered with, and service may be disrupted (DoS). Pillow is a Python-based image processing library.
No further information about this vulnerability is currently available; follow CNNVD or manufacturer announcements. SonicWall Global Management System (GMS) is a global management system from the American company SonicWall. The system enables rapid deployment and centralized management of Dell SonicWALL firewall, anti-spam, backup and recovery, and secure remote access solutions.
| VAR-202104-2049 | CVE-2020-9211 | Out-of-bounds read vulnerability in Huawei Mate 30 firmware |
CVSS V2: 6.2 CVSS V3: 6.4 Severity: MEDIUM |
There is an out-of-bound read and write vulnerability in Huawei smartphone. A module does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of service. (Vulnerability ID: HWPSIRT-2020-05103)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9211. The Huawei Mate 30 firmware contains out-of-bounds read and out-of-bounds write vulnerabilities. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Huawei Mate 30 is a smartphone from the Chinese company Huawei.
| VAR-202104-2034 | No CVE | HUAWEI IP PHONE 7960 and HUAWEI IP ESPACE 7910 have weak password vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
HUAWEI IP PHONE 7960 and HUAWEI IP ESPACE 7910 are feature-rich and easy-to-use IP phones.
HUAWEI IP PHONE 7960 and HUAWEI IP ESPACE 7910 have a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.
| VAR-202104-2035 | No CVE | A directory traversal vulnerability exists in the video encoding device access gateway of Hangzhou Hikvision System Technology Co., Ltd. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Hikvision System Technology Co., Ltd. is a provider of security products and industry solutions.
Hangzhou Hikvision System Technology Co., Ltd. video encoding device access gateway has a directory traversal vulnerability. Attackers can use this vulnerability to traverse all directories and files of the device to obtain sensitive information.
| VAR-202104-2036 | No CVE | Arbitrary file reading vulnerability exists in the access network of Hangzhou Hikvision System Technology Co., Ltd. video encoding equipment |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Hikvision System Technology Co., Ltd. is a provider of security products and industry solutions.
The video encoding equipment access network of Hangzhou Hikvision System Technology Co., Ltd. has an arbitrary file reading vulnerability. Attackers can use this vulnerability to read all files to obtain sensitive information.
| VAR-202104-2037 | No CVE | An unauthorized access vulnerability exists in the access gateway of the video encoding equipment of Hangzhou Hikvision System Technology Co., Ltd. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Hikvision System Technology Co., Ltd. is a provider of security products and industry solutions.
Hangzhou Hikvision System Technology Co., Ltd. video encoding equipment access gateway has an unauthorized access vulnerability. Attackers can use this vulnerability to obtain sensitive information.
| VAR-202104-2038 | No CVE | H8922 4G wireless router has a denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
The Shenzhen Hongdian Technology Co., Ltd. H8922 supports dual SIM card backup, has a built-in WiFi module, supports wired-to-wireless and wireless-to-wireless mutual backup, and offers richer interfaces and stronger scalability (4 LAN ports, 1 WAN port). It is an industrial-grade VPN router with rich functions and a wide range of applications.
The H8922 4G wireless router has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
| VAR-202104-2039 | No CVE | Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda router has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shenzhen Jixiang Tenda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment.
Shenzhen Jixiang Tenda Technology Co., Ltd. Tenda router has an unauthorized access vulnerability. Attackers can use the vulnerability to obtain sensitive information.
| VAR-202104-2040 | No CVE | Shanghai Aitai Technology Co., Ltd. enterprising 750W has a command execution vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Shanghai Aitai Technology Co., Ltd. enterprising 750W is an enterprise-class wireless router.
Shanghai Aitai Technology Co., Ltd. enterprising 750W has a command execution vulnerability. Attackers can use this vulnerability to gain control of the website server.