VARIoT IoT vulnerabilities database

Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. Zyxel USG A device contains a vulnerability in the plaintext storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality. D-Link DSL-2888A There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. D-link DSL-2888A is a unified service router of China D-link company. D-Link DSL-2888A devices have an access control error vulnerability

The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application. S+ Operations Exists in a vulnerability related to incorrect resource movement between regions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency of ABB in Switzerland. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more

In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database. S+ Operations and S+ Historian Exists in an inadequate protection of credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process. S+ Operations and S+ History Contains an authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines. S+ Operations and S+ Historian Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability. S+ Operations and S+ Historian Has SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Both ABB Symphony Plus Operations and ABB Symphony Plus Historian are products of ABB, Switzerland. ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface, seamlessly integrates all plant equipment and subsystems using industry-standard protocols and technologies, and provides functions such as alarm management, process optimization, and more. ABB Symphony Plus Historian is a device for visually viewing and managing historical information of industrial equipment

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11653. plural NETGEAR The product contains a command injection vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-11653 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

LTE digital cellular mobile communication network MME equipment is an important network element of the LTE core network and is responsible for processing signaling. LTE digital cellular mobile communication network MME equipment has a denial of service vulnerability. An attacker can exploit the vulnerability to cause a denial of service attack.

Xiamen Kehua Hengsheng Co., Ltd. is the world's leading provider of ICT (information and communication) infrastructure and smart terminals. The UPS management module of Xiamen Kehua Hengsheng Co., Ltd. has a logic flaw vulnerability. Attackers can use this vulnerability to use a specially constructed Cookie value to bypass verification and inherit the permissions of the last logged-in user to directly access the management module.

In September 2013, Le Rong Zhixin Electronic Technology (Beijing) Co., Ltd., the company's business scope includes: technology promotion, technology development, technology consulting, technical services, etc. LeTV Super 4 x43 TV has a remote code execution vulnerability. Attackers can use this vulnerability to execute arbitrary code.

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>. ZTE E8810 is an intelligent cloud router of China ZTE Corporation. ZTE E8810 has a hard-coded vulnerability in the MQTT service

Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will freeze Philips Hue's hub and it will stop responding. The "hub" will stop operating and be frozen until the flood stops. During the flood, the user won't be able to turn on/off the lights, and all of the hub's functionality will be unresponsive. The cloud service also won't work with the hub

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users’ sessions. DELL Dell EMC Unisphere for PowerMax is a set of graphical management tools for PowerMax storage arrays developed by Dell (DELL)

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-11355. Zero Day Initiative To this vulnerability ZDI-CAN-11355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. This allows an attacker to send malicious links in password-reset emails to victims, pointing to an attacker-controlled server. Lack of validation of the Host header allows this to happen. ThingsBoard There are injection vulnerabilities and input verification vulnerabilities.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Thingsboard is a Java-based platform of Thingsboard team for IOT equipment monitoring, management, and data collection