VARIoT IoT vulnerabilities database

Rockchip Microelectronics Co., Ltd. has a R&D team specializing in system-level chip design and algorithm research, providing professional chip solutions for high-end smart hardware, mobile phone peripherals, tablet computers, TV set-top boxes, industrial control and other fields. Rockchip Microchip has loopholes in conditional competition. Attackers can use this vulnerability to cause the program to crash.

China Mobile Yu Router is a router. There are unauthorized access vulnerabilities in China Mobile Yu routing. Attackers can use this vulnerability to directly access the router backend.

China Mobile Yu Router is a router. There is a weak password vulnerability in China Mobile Yu routing. Attackers can use this vulnerability to log in to the router backend to obtain sensitive information.

D-Link DIR-852 is a wireless router. The D-Link DIR-852 UPNP protocol request has a command execution vulnerability. Attackers can use vulnerabilities to control routers to execute commands.

H3C ER5200G2 is a new generation of enterprise-class Gigabit high-performance routers, which are positioned in the SMB market for Ethernet/optical/xDSL access, mainly including government agencies, small and medium-sized enterprises, hotels, schools, hospitals, Internet cafes, etc. that require high-speed Internet access Web environment. H3C ER5200G2 has weak password vulnerability. Attackers can use this vulnerability to log in to the router backend to obtain sensitive information.

H3C ERG2-450W is an enterprise-class Gigabit VPN router. H3C ERG2-450W has a weak password vulnerability. Attackers can use this vulnerability to log in to the router background to obtain sensitive information.

WIFI industrial router F5936 is an industrial grade WIFI router. Xiamen Sixin Communication Technology Co., Ltd. WIFI industrial router F5936 has an unauthorized access vulnerability. Attackers can use vulnerabilities to obtain sensitive information.

Rockchip Microelectronics Co., Ltd. has a R&D team specializing in system-level chip design and algorithm research, providing professional chip solutions for high-end smart hardware, mobile phone peripherals, tablet computers, TV set-top boxes, industrial control and other fields. Rockchip Microchip has loopholes in conditional competition. Attackers can use this vulnerability to cause the program to crash.

China Mobile Yu Router is a router. There are unauthorized access vulnerabilities in China Mobile Yu routing. Attackers can use this vulnerability to directly access the router backend.

China Mobile Yu Router is a router. There is a weak password vulnerability in China Mobile Yu routing. Attackers can use this vulnerability to log in to the router backend to obtain sensitive information.

Modicon M580 is a programmable logic controller launched by Schneider Electric. Schneider Electric Modicon M580 has a denial of service vulnerability. Attackers can use the vulnerability to cause PLC denial of service and interrupt remote communication with the device.

Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. Provided by Mitsubishi Electric Corporation MELSEC iQ-R Of the series EtherNet/IP Network interface unit, PROFINET IO Controller unit, high-speed data logger unit, MES Interface unit and OPC UA Of the server unit TCP/IP There are multiple vulnerabilities in the stack. ‥ * Buffer error (CWE-119) - CVE-2020-5653 ‥ * Session immobilization (CWE-384) - CVE-2020-5654 ‥ * NULL Pointer dereference (CWE-476) - CVE-2020-5655 ‥ * Inappropriate access control (CWE-284) - CVE-2020-5656 ‥ * Insert or change arguments (CWE-88) - CVE-2020-5657 ‥ * Resource management issues (CWE-399) - CVE-2020-5658 This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Receiving packets crafted by a third party can cause the product's network functionality to stop or malicious programs to run

Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. Provided by Mitsubishi Electric Corporation MELSEC iQ-R Of the series EtherNet/IP Network interface unit, PROFINET IO Controller unit, high-speed data logger unit, MES Interface unit and OPC UA Of the server unit TCP/IP There are multiple vulnerabilities in the stack. ‥ * Buffer error (CWE-119) - CVE-2020-5653 ‥ * Session immobilization (CWE-384) - CVE-2020-5654 ‥ * NULL Pointer dereference (CWE-476) - CVE-2020-5655 ‥ * Inappropriate access control (CWE-284) - CVE-2020-5656 ‥ * Insert or change arguments (CWE-88) - CVE-2020-5657 ‥ * Resource management issues (CWE-399) - CVE-2020-5658 This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Receiving packets crafted by a third party can cause the product's network functionality to stop or malicious programs to run

Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. Provided by Mitsubishi Electric Corporation MELSEC iQ-R Of the series EtherNet/IP Network interface unit, PROFINET IO Controller unit, high-speed data logger unit, MES Interface unit and OPC UA Of the server unit TCP/IP There are multiple vulnerabilities in the stack. ‥ * Buffer error (CWE-119) - CVE-2020-5653 ‥ * Session immobilization (CWE-384) - CVE-2020-5654 ‥ * NULL Pointer dereference (CWE-476) - CVE-2020-5655 ‥ * Inappropriate access control (CWE-284) - CVE-2020-5656 ‥ * Insert or change arguments (CWE-88) - CVE-2020-5657 ‥ * Resource management issues (CWE-399) - CVE-2020-5658 This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Receiving packets crafted by a third party can cause the product's network functionality to stop or malicious programs to run

Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' and earlier, Q 04/06/13/26 UDPVCPU serial number '22031' and earlier, Q 172/173 DCPU all versions, Q 172/173 DSCPU all versions, Q 170 MCPU all versions, Q 170 MSCPU all versions, L 02/06/26 CPU (-P) and L 26 CPU - (P) BT all versions) allows a remote unauthenticated attacker to stop the Ethernet communication functions of the products via a specially crafted packet, which may lead to a denial of service (DoS) condition . Provided by Mitsubishi Electric Corporation MELSEC iQ-R , Q and L Of the series CPU The unit has a resource exhaustion vulnerability. (CWE-400) exists. This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.When a packet crafted by a remote third party is received, Ethernet Communications disrupt service operations (DoS) may become a state. A reset is required for recovery

Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. Synology Router Manager (SRM) Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Synology Router Manager (SRM) is a software for configuring and managing Synology routers developed by Synology, Taiwan

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. Synology Router Manager (SRM) is a software for configuring and managing Synology routers developed by Synology, Taiwan. Synology Router Manager (SRM) prior to version 1.2.4-8081 has a security vulnerability. This vulnerability originates from QuickConnect

Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. Synology Router Manager (SRM) There is a vulnerability in the lack of encryption of critical data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Synology Router Manager (SRM) is a software for configuring and managing Synology routers developed by Synology, Taiwan. Synology Router Manager (SRM) prior to version 1.2.4-8081 has a security vulnerability

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. Provided by Mitsubishi Electric Corporation MELSEC iQ-R Of the series EtherNet/IP Network interface unit, PROFINET IO Controller unit, high-speed data logger unit, MES Interface unit and OPC UA Of the server unit TCP/IP There are multiple vulnerabilities in the stack. ‥ * Buffer error (CWE-119) - CVE-2020-5653 ‥ * Session immobilization (CWE-384) - CVE-2020-5654 ‥ * NULL Pointer dereference (CWE-476) - CVE-2020-5655 ‥ * Inappropriate access control (CWE-284) - CVE-2020-5656 ‥ * Insert or change arguments (CWE-88) - CVE-2020-5657 ‥ * Resource management issues (CWE-399) - CVE-2020-5658 This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Receiving packets crafted by a third party can cause the product's network functionality to stop or malicious programs to run

NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. Provided by Mitsubishi Electric Corporation MELSEC iQ-R Of the series EtherNet/IP Network interface unit, PROFINET IO Controller unit, high-speed data logger unit, MES Interface unit and OPC UA Of the server unit TCP/IP There are multiple vulnerabilities in the stack. ‥ * Buffer error (CWE-119) - CVE-2020-5653 ‥ * Session immobilization (CWE-384) - CVE-2020-5654 ‥ * NULL Pointer dereference (CWE-476) - CVE-2020-5655 ‥ * Inappropriate access control (CWE-284) - CVE-2020-5656 ‥ * Insert or change arguments (CWE-88) - CVE-2020-5657 ‥ * Resource management issues (CWE-399) - CVE-2020-5658 This vulnerability information is provided by the developer for the purpose of disseminating it to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.Receiving packets crafted by a third party can cause the product's network functionality to stop or malicious programs to run