VARIoT IoT vulnerabilities database

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers from China's TOTOLINK Electronics. The vulnerability is caused by the comment parameter in setMacFilterRules failing to properly verify the length of the input data. No detailed vulnerability details are currently provided

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules. TOTOLINK of A3100R An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK A3100R is a series of wireless routers from China's TOTOLINK Electronics. Attackers can exploit this vulnerability to crash the application or execute arbitrary code in the context of the application

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid5g parameter in the setWiFiEasyGuestCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid parameter in the setWiFiBasicCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid parameter in the setWiFiGuestCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the ssid5g parameter in the setWiFiEasyCfg function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. TOTOLINK of nr1800x An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK Electronics. TOTOLINK NR1800X has a buffer overflow vulnerability. The vulnerability is caused by the text parameter in the setSmsCfg function failing to correctly verify the length of the input data. No detailed vulnerability details are currently provided

When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIG-IP SCTP contains a denial of service vulnerability. An attacker could exploit this vulnerability to launch a denial of service attack

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.frmL7ImForm. Shenzhen Tenda Technology Co.,Ltd. of fh451 A stack-based buffer overflow vulnerability exists in the firmware.Information may be obtained and information may be tampered with. No detailed vulnerability details are currently provided

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product contains a path traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA. SonicWall SMA100 has a path traversal vulnerability. Attackers can exploit this vulnerability to make any directory writable

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. SMA100 firmware, SMA200 firmware, SMA210 firmware etc. SonicWALL The product has a vulnerability related to externally accessible files or directories.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby ambassador users. An attacker could exploit this vulnerability by logging in to an affected device with a lobby ambassador user account and sending crafted HTTP requests to the API. A successful exploit could allow the attacker to delete arbitrary user accounts on the device, including users with administrative privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default. Cisco Systems Cisco IOS XE contains an access control vulnerability.Information may be tampered with

A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected system. A successful exploit could allow the attacker to conduct directory traversal attacks and write files to an arbitrary location on the affected system. Cisco Systems Cisco Catalyst SD-WAN Manager Exists in a past traversal vulnerability.Information may be tampered with

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a stored cross-site scripting attack (XSS) on an affected system.  This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system. Cisco Systems Cisco Catalyst SD-WAN Manager Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system. Cisco Systems Cisco Catalyst SD-WAN Manager contains a man-in-the-middle vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state