VARIoT IoT vulnerabilities database

ACS SpiiPlusEC-08 is a motion controller produced by ACS Motion Control, which supports Ethernet communication. ACS Motion Control ACS SpiiPlusEC-08 TCP protocol has a denial of service vulnerability. Attackers can use the vulnerability to launch a denial of service attack.

SCU9020 is the controller of Zhejiang Supcon TCS-900 safety instrumented system, which can be configured through the Ethernet communication module in the TCS-900 safety instrumented system. There is a denial of service vulnerability in the TCS-900 security instrumented system of Zhejiang Zhongkong. Attackers can use the vulnerability to cause a denial of service attack.

Ruijie Networks became a leading brand in China's data communication solutions since January 2000. Ruijie Gateway has an unauthorized access vulnerability. Attackers can use this vulnerability to execute arbitrary commands on the target device with root privileges.

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. TP-Link Provides Wi-Fi Router TL-WR841N Hardware version V13 (JP) For firmware for OS Command injection vulnerabilities (CWE-78) Exists. TP-Link According to the hardware version V14 (JP) It is said that this vulnerability does not exist in the firmware for. This vulnerability information is available from Three Shake Co., Ltd. Koh You Liang He reports directly to the product developer, and after coordinating with the product developer, aims to inform the product user. JVN It was announced in.Of the product web The user who can log in to the interface is not expected due to the firmware design OS May execute the command. Tp-link TL-WR841N is a wireless router of Tp-link company in China. Attackers can use this vulnerability to execute arbitrary commands on the system

EasyGate (hereinafter referred to as RG-EG) is a multi-service integrated gateway product launched by Ruijie Networks to solve the current network export problems. Ruijie Networks Co., Ltd. EasyGate easy gateway has a command execution vulnerability. Attackers can use this vulnerability to obtain the root shell of the device without requiring device authorization (that is, without logging in), and execute arbitrary commands remotely.

Schneider Electric (China) Co., Ltd. is a leader in the field of global energy efficiency management. Its main business includes electric power, industrial automation, infrastructure, energy efficiency, energy, building automation and security electronics. Schneider Electric Triconex MP3008 has a code execution vulnerability, which can be exploited by attackers to gain control of the server.

The business scope of New Cape Electronics Co., Ltd. includes: computer system integration, development and operation and maintenance, software, smart card machines, smart terminals, electronic instruments, etc. New Cape Electronics Co., Ltd. Internet of Things platform has an arbitrary file download vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Wuhan Cetron Technology Co., Ltd. (abbreviated as Cetron) is a high-tech and innovative enterprise focusing on the design and development of smart home products. There is a binary vulnerability in the Xtron easy-control wireless controller. An attacker can use this vulnerability to gain control of the server.

Wuhan Cetron Technology Co., Ltd. (abbreviated as Cetron) is a high-tech and innovative enterprise focusing on the design and development of smart home products. There is an unauthorized access vulnerability in the MQTT server of Xichuang Easy-Control Wireless Controller. Attackers can use this vulnerability to obtain credentials by unpacking the firmware.

Alcatel-Lucent (Alcatel-Lucent) is a multinational company that provides telecommunications hardware and software equipment and services, headquartered in Paris, France. Alcatel OAW series smart wireless AP devices have binary vulnerabilities. An attacker can use this vulnerability to gain control of the server.

As a leading enterprise in China's information security industry, Beijing Top Rongxin Technology Co., Ltd. was established in 1995 and headquartered in Beijing. TOPSEC TAP series smart wireless AP devices have an unauthorized access vulnerability. Attackers can use this vulnerability to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

Beijing Huaxin Aotian Network Technology Co., Ltd. was registered and established in Haidian Branch on October 13, 2015. Legal representative Liu Jun, the company's business scope includes technology development, technology promotion, technology transfer, technology consulting, technology services, etc. Huaxin Aotian HAN series smart wireless AP devices have a binary vulnerability. Attackers can use the vulnerability to gain control of the server.

As a leading enterprise in China's information security industry, Beijing Top Rongxin Technology Co., Ltd. was established in 1995 and headquartered in Beijing. TOPSEC TAP series smart wireless AP devices have a binary vulnerability, which can be exploited by attackers to gain control of the server.

Alcatel-Lucent (Alcatel-Lucent) is a multinational company that provides telecommunications hardware and software equipment and services, headquartered in Paris, France. Alcatel OAW series of smart wireless AP devices have unauthorized access vulnerabilities. Attackers can use the vulnerabilities to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

Beijing Huaxin Aotian Network Technology Co., Ltd. was registered and established in Haidian Branch on October 13, 2015. The company's business scope includes technology development, technology promotion, technology transfer, technology consulting, technology services, etc. Huaxin Aotian HAN series smart wireless AP devices have an unauthorized access vulnerability. Attackers can use this vulnerability to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

CAXA CNC car is an industrial automation CNC graphic design tool. CAXA CNC car v2015 has a privilege escalation vulnerability. Attackers can use this vulnerability to execute arbitrary code and increase privileges.

Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Provided by NEC Corporation Aterm WF800HP , Aterm WG2600HP and Aterm WG2600HP2 There are multiple vulnerabilities in. Aterm WF800HP ・ Cross-site scripting (CWE-79) - CVE-2021-20620Aterm WG2600HP and Aterm WG2600HP2 ・ Inadequate access restrictions (CWE-284) - CVE-2017-12575 ・ Cross-site request forgery (CWE-352) - CVE-2021-20621 ・ Cross-site scripting (CWE-79) - CVE-2021-20622CVE-2021-20620 This vulnerability information is provided by the following persons based on Information Security Early Warning Partnership: IPA Report to JPCERT/CC Coordinated with the developers. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru Mr CVE-2021-20621, CVE-2021-20622 This vulnerability information is provided by the following persons based on Information Security Early Warning Partnership: IPA Report to JPCERT/CC Coordinated with the developers. Reporter : Cyber Defense Institute, Inc. Iwasaki Tokumei MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who accessed the product. - CVE-2021-20620 ・ The setting information stored in the product may be stolen or changed by a remote third party. - CVE-2017-12575 -When a user logged in to the product accesses a specially crafted page, he / she is forced to perform an unintended operation. - CVE-2021-20621 -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2021-20622

TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TPE files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process

A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ISP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics ISPSoft is a set of PLC (Programmable Logic Controller) programming software of Delta Electronics, Taiwan, China. Delta Electronics ISPSoft v3.12 and prior has an access control error vulnerability, which is caused by the network system or product improperly restricting access to resources from unauthorized roles

An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TPE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process