VARIoT IoT vulnerabilities database

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. plural Cisco Small Business RV The router is assumed to be immutable Web There is a vulnerability related to external control of parameters.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the web service, which listens on TCP port 443 by default. When parsing the Content-Type request header, the process does not properly validate a user-supplied string before using it to execute a system call

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. plural Cisco Small Business RV An unspecified vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the web service, which listens on TCP port 443 by default. When parsing the Accept request header, the process does not properly validate a user-supplied string before using it to execute a system call

The business scope of Beijing Jiangwei Times Technology Co., Ltd. includes: technology promotion services; software design; economic and trade consulting; computer system services; basic software services, etc. The geological disaster monitoring and early warning IoT platform has SQL injection vulnerabilities, which can be exploited by attackers to obtain sensitive information.

The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device. eUDC660 There are unspecified vulnerabilities in the product.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei eUDC660 is a device provided by China's Huawei (Huawei) company to provide scheduling functions. The equipment supports broadband trunking dispatching in transportation, energy and other fields to improve the efficiency of voice, data, and video communication

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV The router is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. plural Cisco Small Business RV A command injection vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. plural Cisco Small Business RV A command injection vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK. Realtek RTL8195A Wi-Fi The module contains a vulnerability related to out-of-bounds writing.Denial of service (DoS) It may be put into a state. Realtek RTL8195A is an IoT microcontroller from Taiwan Realtek Semiconductor (Realtek). Realtek RTL8195A versions prior to 2.08 have a buffer overflow vulnerability

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch. The DTLS server side must be restarted to recover this. This allow clients to force a DoS. Eclipse Californium Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. Eclipse Californium is a Java-based code library of the Eclipse Foundation that provides Coap back-end support for the Internet of Things. No detailed vulnerability details are currently provided. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Integration Camel-K 1.4 release and security update Advisory ID: RHSA-2021:3205-01 Product: Red Hat Integration Advisory URL: https://access.redhat.com/errata/RHSA-2021:3205 Issue date: 2021-08-18 Cross references: RHBA-2021:79512-01 CVE Names: CVE-2020-13920 CVE-2020-17518 CVE-2020-17521 CVE-2020-26238 CVE-2020-27222 CVE-2020-27782 CVE-2020-28052 CVE-2020-29582 CVE-2021-20218 CVE-2021-27807 CVE-2021-27906 CVE-2021-30468 CVE-2021-31811 ===================================================================== 1. Summary: A minor version update (from 1.3 to 1.4) is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: A minor version update (from 1.3 to 1.4) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * cron-utils: template injection allows attackers to inject arbitrary Java EL expressions leading to remote code execution (CVE-2020-26238) * californium-core: DTLS - DoS vulnerability for certificate based handshakes (CVE-2020-27222) * undertow: special character in query results in server errors (CVE-2020-27782) * bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052) * activemq: improper authentication allows MITM attack (CVE-2020-13920) * flink: apache-flink: directory traversal attack allows remote file writing through the REST API (CVE-2020-17518) * groovy: OS temporary directory leads to information disclosure (CVE-2020-17521) * kubernetes-client: fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise (CVE-2021-20218) * pdfbox: infinite loop while loading a crafted PDF file (CVE-2021-27807) * cxf-rt-rs-json-basic: CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter (CVE-2021-30468) * kotlin-scripting-jvm: kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure (CVE-2020-29582) * pdfbox: OutOfMemory-Exception while loading a crafted PDF file (CVE-2021-27906) * pdfbox: OutOfMemory-Exception while loading a crafted PDF file (CVE-2021-31811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 1880101 - CVE-2020-13920 activemq: improper authentication allows MITM attack 1901304 - CVE-2020-27782 undertow: special character in query results in server errors 1901655 - CVE-2020-26238 cron-utils: template injection allows attackers to inject arbitrary Java EL expressions leading to remote code execution 1912881 - CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible 1913312 - CVE-2020-17518 apache-flink: directory traversal attack allows remote file writing through the REST API 1922123 - CVE-2020-17521 groovy: OS temporary directory leads to information disclosure 1923405 - CVE-2021-20218 fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise 1930230 - CVE-2020-27222 californium-core: DTLS - DoS vulnerability for certificate based handshakes 1930291 - CVE-2020-29582 kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure 1941050 - CVE-2021-27906 pdfbox: OutOfMemory-Exception while loading a crafted PDF file 1941055 - CVE-2021-27807 pdfbox: infinite loop while loading a crafted PDF file 1971648 - CVE-2021-31811 pdfbox: OutOfMemory-Exception while loading a crafted PDF file 1973392 - CVE-2021-30468 CXF: Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter 5. References: https://access.redhat.com/security/cve/CVE-2020-13920 https://access.redhat.com/security/cve/CVE-2020-17518 https://access.redhat.com/security/cve/CVE-2020-17521 https://access.redhat.com/security/cve/CVE-2020-26238 https://access.redhat.com/security/cve/CVE-2020-27222 https://access.redhat.com/security/cve/CVE-2020-27782 https://access.redhat.com/security/cve/CVE-2020-28052 https://access.redhat.com/security/cve/CVE-2020-29582 https://access.redhat.com/security/cve/CVE-2021-20218 https://access.redhat.com/security/cve/CVE-2021-27807 https://access.redhat.com/security/cve/CVE-2021-27906 https://access.redhat.com/security/cve/CVE-2021-30468 https://access.redhat.com/security/cve/CVE-2021-31811 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q3/html/getting_started_with_camel_k/ https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=red.hat.integration&version=2021-Q3 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYRzPW9zjgjWX9erEAQiQhg//Wv8T0xe0RsVX2iYN5d3OYHtnEAFu2iyQ sLt4E+Ed6nR95DkWfqbC/YIpE2w9UXgZXYG31Roup+zGNYScSpkUliOyH8rPoH2R TKWcUOQ5FzhDtWvrpss3x7fZ9dCXw6d38FRPCLby9Z05I9fLGTjqRcZQr7W3jz9t xiTdEhGKED4cgnwpPkUIBiSOF5bAhDAhYmXw0e2wvm/1XhhAOcA85U0d0Ac9lLjS y07agVx5UZxEDd5rT7ATPlJwfprNQUJKb5Zg+RCOEs5vLMVRHajuW7rG0z+FfhdK ckz3nektLdOJDcaZj/MdjqB+MZtuXJ48WzBnmKRpCeS/FIOp9XrM0xjrYjCB1Eu6 ls03UI6sbg0zi+fw995mNNoKoq7ErEzKGN1ROh693P0fNGJkvxDopP3GEChTjsMZ PJTOyKQyRQ4B5OXmemsoBiwiggmCX3E0rvF1dNCfYA4kWRth/B4A3MaTvpcnm1kO rZKRbCLDQ2rCbtyKLSn/vROi6RYn/4wtz3IudJCZsZXWVAh48iGhLPxYwxabwbyi rgcslBGkdjdlC+RhKmlPnDyV+q0P+uPupoRCaMKBsIZwdfO9oUZ3Zq/FqfVsab/L 5rv8NunH7+HHXMEx6wBNfqLtQ0pvCmJu/lD719jibgIgK0zZ00tQ54Z25X38C0v6 tw7zI6hjLQY= =rVez -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. plural Cisco Small Business RV A stack-based buffer overflow vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state