VARIoT IoT vulnerabilities database

ZTE Corporation is the world's leading provider of integrated communications solutions. ZTE Corporation ZXHN F460S has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service attack.

DIAView is an automated management system with real-time system monitoring, data acquisition and analysis functions. The DIAView configuration software of Delta Electronics Enterprise Management (Shanghai) Co., Ltd. has an arbitrary file reading vulnerability. Attackers can use this vulnerability to obtain sensitive information.

The business scope of Beijing Xinnuoride Software System Co., Ltd. includes: software development; computer system services; technology promotion services; technical development of network equipment, communication products, computer hardware and software, etc. The WiseGrid Huimin application delivery gateway has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

ZTE Corporation is the world's leading provider of integrated communications solutions. ZTE Corporation ZXHN F4600U has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service attack.

An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality. FortiProxy Contains an improper authentication vulnerability.Information may be obtained. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. There is a security vulnerability in FortiProxy SSL VPN, which allows attackers to exploit the vulnerability to obtain credentials of SSL VPN users

When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header. FortiGate Contains an unspecified vulnerability.Information may be tampered with. Opera Software Opera is a web browser produced by Opera Software in Norway. It supports multi-window browsing, custom user interface and other functions. HTTPS (Hypertext Transfer Protocol Secure) is a network security transmission protocol, which communicates via Hypertext Transfer Protocol (HTTP) on a computer network, and uses SSL/TLS to encrypt data packets. The main purpose of HTTPS development is to provide identity authentication to web servers and protect the privacy and integrity of exchanged data. Vulnerabilities exist in Opera Software Opera and HTTPS. The following products and versions are affected:

XINJE XL5E-16T is a series of Ethernet controller products. XINJE XL5E-16T ModbusTCP protocol has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.

Moxa is a leading manufacturer of industrial automation, providing complete industrial equipment networking, industrial computers and industrial network solutions, and is committed to the joint promotion and practice of industrial Internet. The MOXA AWK-1131A Ethernet 802LLC protocol has a denial of service vulnerability, which can be exploited by an attacker to cause the device to fail to work normally.

XINJE XDME-30T4-E is a controller product of the Ethernet series. XINJE XDME-30T4-E ModbusTCP protocol has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.

Mitsubishi Electric FX5U-32MT/ES is a programmable logic controller (PLC) product of the MELSEC FX series. The ARP protocol of MITSUBISHI Electric FX5U-32MT/ES has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to fail to work normally.

China Mobile Communications Group Co., Ltd. is a mobile communications operator whose business scope includes: basic telecommunications services; value-added telecommunications services, etc. China Mobile Communications Group Co., Ltd. GM619 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

TL-ER7520G is a new generation of all-gigabit enterprise router products. Universal Technology Co., Ltd. TL-ER7520G has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

TL-ER5520G is a gigabit router. Prolink Technology Co., Ltd. TL-ER5520G has a denial of service vulnerability. Attackers can use the vulnerability to cause a denial of service.

Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users. Skyworth Digital Co., Ltd. DT741-csg has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users. Skyworth Digital Co., Ltd. DT541-csg has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users. Skyworth Digital Co., Ltd. DT541 has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service.

Skyworth Digital Co., Ltd. ("Skyworth Digital" for short) is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users. Skyworth Digital Co., Ltd. DT521 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

TM218LDAE24DRHN is a programmable logic controller (PLC) product of Modicon owned by Schneider Electric, France. The Schneider TM218LDAE24DRHN IPv4 protocol stack has a denial of service vulnerability. Attackers can use this vulnerability to cause the device to crash and fail to work normally.

XINJE XL5E-16T PLC unit is a series of Ethernet controller products. XINJE XL5E-16T has a denial of service vulnerability. An attacker can use this vulnerability to cause the device to fail to work normally.

D-Link Electronic Equipment (Shanghai) Co., Ltd. is a company mainly engaged in network equipment, wireless equipment, switches and other projects. D-Link Electronic Equipment (Shanghai) Co., Ltd. DIR-878 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.