VARIoT IoT vulnerabilities database
| VAR-202102-0642 | CVE-2021-22302 | Taurus-AL00A Out-of-bounds read vulnerability |
CVSS V2: 3.6 CVSS V3: 7.1 Severity: HIGH |
There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module does not verify the some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service. Taurus-AL00A Is vulnerable to an out-of-bounds read.Information is obtained and denial of service (DoS) It may be put into a state. Huawei Taurus-AL00A is a smartphone of China's Huawei (Huawei) company. The vulnerability stems from the program's failure to properly validate certain inputs. Attackers can use some apps to send malicious messages to the module to use this vulnerability to cause out-of-bounds and affect the normal use of the device
| VAR-202102-0643 | CVE-2021-22303 | Taurus-AL00A Double release vulnerability in |
CVSS V2: 4.3 CVSS V3: 3.3 Severity: LOW |
There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal service. Huawei Taurus-AL00A is a smart phone of China's Huawei (Huawei) company.
Huawei Taurus-AL00A 10.0.0.1 (C00E1R1P1) has security vulnerabilities. The vulnerability stems from the fact that the program does not set multi-thread reentrancy protection when calling a function
| VAR-202102-0646 | CVE-2021-22306 | Mate 30 Out-of-bounds read vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service. Mate 30 Is vulnerable to an out-of-bounds read.Denial of service (DoS) It may be put into a state. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company. The vulnerability stems from the program not validating the input correctly
| VAR-202102-0647 | CVE-2021-22307 | Mate 30 Vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module. Mate 30 Exists in unspecified vulnerabilities.Information may be tampered with. Huawei Mate 30 is a smart phone of China's Huawei (Huawei) company
| VAR-202102-0157 | CVE-2020-15833 | Mofi Network MOFI4500-4GXeLTE backdoor vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom location that cannot be modified by the device owner. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company
| VAR-202102-0156 | CVE-2020-15832 | Mofi Network MOFI4500-4GXeLTE remote restart backdoor vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The poof.cgi script contains undocumented code that provides the ability to remotely reboot the device. An adversary with the private key (but not the root password) can remotely reboot the device. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company
| VAR-202102-0101 | CVE-2020-13859 | Mofi Network MOFI-GXeLTE certification bypass vulnerability |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interface without a password by abusing a forgotten-password feature. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Attackers can use the vulnerabilities to log in to the mofidev user with any password. After logging in, the root user's password can be modified
| VAR-202102-0158 | CVE-2020-15834 | Mofi Network MOFI4500-4GXeLTE Unauthorized Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The wireless network password is exposed in a QR encoded picture that an unauthenticated adversary can download via the web-management interface. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Attackers can use this vulnerability to access /wifi.png to obtain the QR code of the Wi-Fi password
| VAR-202102-0099 | CVE-2020-13857 | Mofi Network MOFI4500-4GXeLTE Unauthorized Remote Restart Vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They can be rebooted by sending an unauthenticated poof.cgi HTTP GET request. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Attackers can use this vulnerability to access /cgi-bin/poof.cgi to remotely restart the device
| VAR-202102-0102 | CVE-2020-13860 | Mofi Network MOFI4500-4GXeLTE security feature issue vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Attackers can use this vulnerability to know its generation algorithm through firmware reverse engineering, and directly calculate a one-time password based on the PIN code
| VAR-202102-0100 | CVE-2020-13858 | Mofi Network MOFI4500-4GXeLTE has unspecified vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They contain two undocumented administrator accounts. The sftp and mofidev accounts are defined in /etc/passwd and the password is not unique across installations. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. No detailed vulnerability details are currently provided
| VAR-202102-0159 | CVE-2020-15835 | Mofi Network MOFI4500-4GXeLTE certification bypass vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function contains undocumented code that provides the ability to authenticate as root without knowing the actual root password. An adversary with the private key can remotely authenticate to the management interface as root. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company
| VAR-202102-0098 | CVE-2020-13856 | Mofi Network MOFI4500-4GXeLTE Unauthorized Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentials and password hashes. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. Attackers can use this leak to gain unauthorized access to /systemlog.tar.gz to obtain information such as /etc/shadow and plaintext Wi-Fi credentials
| VAR-202102-0160 | CVE-2020-15836 | Mofi Network MOFI4500-4GXeLTE unauthorized RCE vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The authentication function passes untrusted data to the operating system without proper sanitization. A crafted request can be sent to execute arbitrary commands as root. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. No detailed vulnerability details are currently provided
| VAR-202101-2017 | No CVE | Bohan Weiye (Beijing) Technology Co., Ltd. has logic flaws and loopholes in the integrated management and control cloud service platform of community arterial property management |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Bohan Weiye (Beijing) Technology Co., Ltd. is a comprehensive solution provider for mobile Internet of Things.
Bohan Weiye (Beijing) Technology Co., Ltd. has logic flaws and loopholes in the community arterial property management integrated management and control cloud service platform. Attackers can use vulnerabilities to log in to the system to gain administrator rights and perform unauthorized operations.
| VAR-202101-0105 | CVE-2020-14418 | Madshi MadCodeHook Security hole |
CVSS V2: 6.9 CVSS V3: 7.0 Severity: HIGH |
A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions. Madshi MadCodeHook is a code library organized by Madshi to handle code compatibility between 32-bit and 64-bit Windows 2000 to Windows 10 systems
| VAR-202101-1962 | No CVE | Rockchip has a binary vulnerability (CNVD-2020-75210) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Rockchip Microelectronics Co., Ltd. has a R&D team specializing in system-level chip design and algorithm research, providing professional chip solutions for high-end smart hardware, mobile phone peripherals, tablet computers, TV set-top boxes, industrial control and other fields.
Rockchip has a binary vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202101-1963 | No CVE | Rockchip microchip has a binary vulnerability (CNVD-2020-75211) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Rockchip Microelectronics Co., Ltd. has a R&D team specializing in system-level chip design and algorithm research, providing professional chip solutions for high-end smart hardware, mobile phone peripherals, tablet computers, TV set-top boxes, industrial control and other fields.
Rockchip has a binary vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202101-2013 | No CVE | Rockchip has a binary vulnerability (CNVD-2020-75212) |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Rockchip Microelectronics Co., Ltd. has a R&D team specializing in system-level chip design and algorithm research, providing professional chip solutions for high-end smart hardware, mobile phone peripherals, tablet computers, TV set-top boxes, industrial control and other fields.
Rockchip has a binary vulnerability. Attackers can use this vulnerability to cause the program to crash.
| VAR-202101-0207 | CVE-2020-24669 | Hitachi Vantara Pentaho Cross-site scripting vulnerability |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'Analysis Report Description' field in 'About this Report' section. Remediated in >= 8.3.0.9, >= 9.0.0.1, and >= 9.1.0.0 GA