VARIoT IoT vulnerabilities database

VAR-202011-0859 | CVE-2020-28349 | ChirpStack Network Server Input confirmation vulnerability |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees that allowing untrusted LoRa gateways to the network should still result in a secure network. ** Unsettled ** This case has not been confirmed as a vulnerability. ChirpStack Network Server There is an input verification vulnerability in. Vendors have challenged this vulnerability. For more information, please see below NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2020-28349Denial of service (DoS) It may be put into a state. The software is applied to the wireless connection of the Internet of Things, and has the characteristics of low power consumption, long distance and high capacity. No detailed vulnerability details are currently provided
VAR-202011-0857 | CVE-2020-28347 | TP-Link Archer A7 AC1750 Command Injection Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled. TP-Link Archer A7 AC1750 A command injection vulnerability exists in the device. This vulnerability is CVE-2020-10882 It is a vulnerability caused by an incomplete fix.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TP-Link Archer A7 AC1750 is a wireless router from China TP-Link Company
VAR-202011-1544 | No CVE | Omron small PLC series CP1L has a denial of service vulnerability (CNVD-2020-58493) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions.
Omron small PLC series CP1L has a denial of service vulnerability, which can be exploited by attackers to cause device connection interruption.
VAR-202011-1553 | No CVE | Omron small PLC series CP1L has a denial of service vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions.
Omron's small PLC series CP1L has a denial of service vulnerability. Attackers can use the vulnerability to stop the program running on the device itself.
VAR-202011-1559 | No CVE | Omron small PLC series CP1L has a denial of service vulnerability (CNVD-2020-58494) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions.
Omron's small PLC series CP1L has a denial of service vulnerability. Attackers can use the vulnerability to clear the logic files running inside the device, causing production and business interruption.
VAR-202011-1599 | No CVE | Mitsubishi PLC FX3U-32M has a denial of service vulnerability (CNVD-2020-58825) |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
FX3U series Mitsubishi PLC is the third-generation micro-programmable controller.
Mitsubishi PLC FX3U-32M has a denial of service vulnerability. Attackers can use the vulnerability to cause the RUN light of the device to go out and the output module to stop working.
VAR-202011-1519 | No CVE | An information disclosure vulnerability exists in the wolink plugin of Unicom Optical Cat |
CVSS V2: 3.3 CVSS V3: - Severity: LOW |
Unicom optical modem is a router.
There is an information disclosure vulnerability in the wolink plug-in of China Unicom Optical Cat. The vulnerability is caused by the failure of the plug-in authentication process. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1521 | No CVE | A command execution vulnerability exists in the Unicom Optical modem web service |
CVSS V2: 8.3 CVSS V3: - Severity: HIGH |
Unicom optical modem is a router.
There is a command execution vulnerability in the Unicom Optical modem web service. Attackers can use the vulnerability to obtain server permissions.
VAR-202011-1522 | No CVE | Rockchip Microelectronics Co., Ltd. Rockchip has a binary vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Rockchip focuses on mobile Internet and digital multimedia chip design, and is a professional personal mobile information terminal SOC solution provider.
Rockchip Microelectronics Co., Ltd. Rockchip has a binary vulnerability. Attackers can use the vulnerability to launch a denial of service attack.
VAR-202011-0384 | CVE-2020-26892 | NATS nats-server Vulnerability in Using Hard Coded Credentials |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. NATS nats-server Is vulnerable to the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging, and microservice architecture
VAR-202011-0400 | CVE-2020-26521 | NATS nats-server In NULL Pointer dereference vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging, and microservice architecture
VAR-202011-1352 | CVE-2020-5795 | TP-Link Archer A7 Link interpretation vulnerability in |
CVSS V2: 7.2 CVSS V3: 6.2 Severity: MEDIUM |
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router. TP-Link Archer A7 There is a link interpretation vulnerability in.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TP-Link Archer A7 is a wireless router of China's TP-Link company. No detailed vulnerability details are currently provided
VAR-202011-0840 | CVE-2020-28168 | Axios NPM Server-side request forgery vulnerability in package |
CVSS V2: 4.3 CVSS V3: 5.9 Severity: MEDIUM |
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address
VAR-202011-0904 | CVE-2020-28327 | Asterisk Open Source and Certified Asterisk Improper Resource Shutdown and Release Vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.3 Severity: MEDIUM |
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling
VAR-202011-0887 | CVE-2020-28242 | Asterisk Open Source and Certified Asterisk Recursion control vulnerability in |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur
VAR-202011-1224 | CVE-2020-8267 | UniFi Protect Authentication vulnerability in controller |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer. UniFi Protect An authentication vulnerability exists in the controller.Information may be tampered with. Ubiquiti Networks UniFi Cloud Key is a key device from Ubiquiti Networks that supports the management of UniFi networks. This vulnerability number has been assigned, and the vulnerability details will be updated soon
VAR-202011-1589 | No CVE | A weak password vulnerability exists in the management server V2.3 of Hangzhou Hikvision Digital Technology Co., Ltd. |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision) is a video-centric intelligent IoT solution and big data service provider.
The management server V2.3 of Hangzhou Hikvision Digital Technology Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to log in to the server background.
VAR-202011-1590 | No CVE | Excitel HGW RL821GWV-D has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
HGW RL821GWV-D is a router.
Excitel HGW RL821GWV-D has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1591 | No CVE | Richerlink EPON RL821GWV-D has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
EPON RL821GWV-D is a router.
Richerlink EPON RL821GWV-D has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1592 | No CVE | Syrotech EPON SY-GPON-1110-WDAONT has an information disclosure vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
EPON SY-GPON-1110-WDAONT is a router.
Syrotech EPON SY-GPON-1110-WDAONT has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.