VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202011-0859 CVE-2020-28349 ChirpStack Network Server  Input confirmation vulnerability CVSS V2: 6.8
CVSS V3: 6.5
Severity: MEDIUM
An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees that allowing untrusted LoRa gateways to the network should still result in a secure network. ** Unsettled ** This case has not been confirmed as a vulnerability. ChirpStack Network Server There is an input verification vulnerability in. Vendors have challenged this vulnerability. For more information, please see below NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2020-28349Denial of service (DoS) It may be put into a state. The software is applied to the wireless connection of the Internet of Things, and has the characteristics of low power consumption, long distance and high capacity. No detailed vulnerability details are currently provided
VAR-202011-0857 CVE-2020-28347 TP-Link Archer A7 AC1750 Command Injection Vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled. TP-Link Archer A7 AC1750 A command injection vulnerability exists in the device. This vulnerability is CVE-2020-10882 It is a vulnerability caused by an incomplete fix.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TP-Link Archer A7 AC1750 is a wireless router from China TP-Link Company
VAR-202011-1544 No CVE Omron small PLC series CP1L has a denial of service vulnerability (CNVD-2020-58493) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions. Omron small PLC series CP1L has a denial of service vulnerability, which can be exploited by attackers to cause device connection interruption.
VAR-202011-1553 No CVE Omron small PLC series CP1L has a denial of service vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions. Omron's small PLC series CP1L has a denial of service vulnerability. Attackers can use the vulnerability to stop the program running on the device itself.
VAR-202011-1559 No CVE Omron small PLC series CP1L has a denial of service vulnerability (CNVD-2020-58494) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
CP1L is an Omron small PLC series, integrated PLC with built-in pulse output, analog input and output, and serial communication functions. Omron's small PLC series CP1L has a denial of service vulnerability. Attackers can use the vulnerability to clear the logic files running inside the device, causing production and business interruption.
VAR-202011-1599 No CVE Mitsubishi PLC FX3U-32M has a denial of service vulnerability (CNVD-2020-58825) CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
FX3U series Mitsubishi PLC is the third-generation micro-programmable controller. Mitsubishi PLC FX3U-32M has a denial of service vulnerability. Attackers can use the vulnerability to cause the RUN light of the device to go out and the output module to stop working.
VAR-202011-1519 No CVE An information disclosure vulnerability exists in the wolink plugin of Unicom Optical Cat CVSS V2: 3.3
CVSS V3: -
Severity: LOW
Unicom optical modem is a router. There is an information disclosure vulnerability in the wolink plug-in of China Unicom Optical Cat. The vulnerability is caused by the failure of the plug-in authentication process. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1521 No CVE A command execution vulnerability exists in the Unicom Optical modem web service CVSS V2: 8.3
CVSS V3: -
Severity: HIGH
Unicom optical modem is a router. There is a command execution vulnerability in the Unicom Optical modem web service. Attackers can use the vulnerability to obtain server permissions.
VAR-202011-1522 No CVE Rockchip Microelectronics Co., Ltd. Rockchip has a binary vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Rockchip focuses on mobile Internet and digital multimedia chip design, and is a professional personal mobile information terminal SOC solution provider. Rockchip Microelectronics Co., Ltd. Rockchip has a binary vulnerability. Attackers can use the vulnerability to launch a denial of service attack.
VAR-202011-0384 CVE-2020-26892 NATS nats-server  Vulnerability in Using Hard Coded Credentials CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. NATS nats-server Is vulnerable to the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging, and microservice architecture
VAR-202011-0400 CVE-2020-26521 NATS nats-server  In  NULL  Pointer dereference vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). NATS Server is an open source messaging system. The system is mainly used for cloud-native applications, IoT messaging, and microservice architecture
VAR-202011-1352 CVE-2020-5795 TP-Link Archer A7  Link interpretation vulnerability in CVSS V2: 7.2
CVSS V3: 6.2
Severity: MEDIUM
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router. TP-Link Archer A7 There is a link interpretation vulnerability in.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TP-Link Archer A7 is a wireless router of China's TP-Link company. No detailed vulnerability details are currently provided
VAR-202011-0840 CVE-2020-28168 Axios NPM  Server-side request forgery vulnerability in package CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address
VAR-202011-0904 CVE-2020-28327 Asterisk Open Source  and  Certified Asterisk  Improper Resource Shutdown and Release Vulnerability in CVSS V2: 2.1
CVSS V3: 5.3
Severity: MEDIUM
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling
VAR-202011-0887 CVE-2020-28242 Asterisk Open Source  and  Certified Asterisk  Recursion control vulnerability in CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur
VAR-202011-1224 CVE-2020-8267 UniFi Protect  Authentication vulnerability in controller CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer. UniFi Protect An authentication vulnerability exists in the controller.Information may be tampered with. Ubiquiti Networks UniFi Cloud Key is a key device from Ubiquiti Networks that supports the management of UniFi networks. This vulnerability number has been assigned, and the vulnerability details will be updated soon
VAR-202011-1589 No CVE A weak password vulnerability exists in the management server V2.3 of Hangzhou Hikvision Digital Technology Co., Ltd. CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision) is a video-centric intelligent IoT solution and big data service provider. The management server V2.3 of Hangzhou Hikvision Digital Technology Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to log in to the server background.
VAR-202011-1590 No CVE Excitel HGW RL821GWV-D has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
HGW RL821GWV-D is a router. Excitel HGW RL821GWV-D has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1591 No CVE Richerlink EPON RL821GWV-D has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EPON RL821GWV-D is a router. Richerlink EPON RL821GWV-D has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202011-1592 No CVE Syrotech EPON SY-GPON-1110-WDAONT has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EPON SY-GPON-1110-WDAONT is a router. Syrotech EPON SY-GPON-1110-WDAONT has an information disclosure vulnerability. Attackers can use the vulnerability to obtain sensitive information.