VARIoT IoT vulnerabilities database

VAR-202009-0964 CVE-2020-24355 Zyxel VMG5313-B30B privilege escalation vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
The Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older firmware versions, is affected by insecure permissions that allow regular and other users to create new users with elevated privileges. This is done by changing the "FirstIndex" field in the JSON that is POSTed during account creation. Something similar may also be possible with account deletion. Zyxel VMG5313-B30B is a router device. A remote attacker can use this privilege escalation vulnerability to submit special requests, create high-privileged users, and elevate privileges.
VAR-202009-0783 CVE-2020-25079 D-Link DCS-2530L and DCS-2670L command injection vulnerability CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection. DCS-2530L and DCS-2670L are full HD 180 degree Wi-Fi cameras launched by D-Link. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands
VAR-202009-1178 CVE-2020-3498 Cisco Jabber Software input verification vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages to a targeted system. A successful exploit could allow the attacker to cause the application to return sensitive authentication information to another system, possibly for use in further attacks. Cisco Jabber software contains an input verification vulnerability. Information may be obtained. Cisco Jabber is a set of unified communication client solutions from Cisco. The program provides online status display, instant messaging, voice and other functions.
VAR-202009-0782 CVE-2020-25078 D-Link DCS-2530L and DCS-2670L information disclosure vulnerabilities CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. DCS-2530L and DCS-2670L are full HD 180 degree Wi-Fi cameras launched by D-Link. The cgi-bin/ddns_enc.cgi in D-Link DCS-2530L and DCS-2670L has security vulnerabilities
VAR-202009-1321 CVE-2020-9199 Command Injection Vulnerabilities in Multiple Huawei Products CVSS V2: 7.7
CVSS V3: 6.8
Severity: MEDIUM
B2368-22 V100R001C00, B2368-57 V100R001C00 and B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. Huawei B2368-22, etc. are all high-performance outdoor CPE terminals from Huawei.
VAR-202009-1340 CVE-2020-5386 Dell EMC ECS Security hole CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauthenticated attacker can access the list of DT (Directory Table) objects of all internally running services and gain knowledge of sensitive data of the system
VAR-202009-1336 CVE-2020-5369 Dell EMC Isilon OneFS Security hole CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files. Dell EMC Isilon OneFS is a scale-out storage system for unstructured data from Dell. Attackers who pass authentication may exploit this vulnerability to attack
VAR-202009-1173 CVE-2020-3542 Cisco Webex Training Input validation error vulnerability CVSS V2: 4.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could exploit this vulnerability by sending an API request to the application, which would return a URL that includes a meeting join page that is prepopulated with the meeting username and password. A successful exploit could allow the attacker to join the password-protected meeting. The attacker would be visible in the attendee list of the meeting
VAR-202009-1162 CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software Input confirmation vulnerability CVSS V2: 5.5
CVSS V3: 8.1
Severity: HIGH
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit this vulnerability by uploading a file using the REST API. A successful exploit could allow an attacker to overwrite and upload files, which could degrade the functionality of the affected system. Cisco Enterprise NFV Infrastructure Software (NFVIS) contains an input validation vulnerability. Information may be tampered with and a denial of service (DoS) condition may result. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller.
VAR-202009-1138 CVE-2020-3365 Cisco Enterprise NFV Infrastructure Software Traversal Vulnerability in Japan CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the logic that governs directory permissions. An attacker could exploit this vulnerability by using capabilities that are not controlled by the role-based access control (RBAC) mechanisms of the software. A successful exploit could allow the attacker to overwrite files on an affected device. Cisco Enterprise NFV Infrastructure Software (NFVIS) contains a path traversal vulnerability. Information may be tampered with. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller.
VAR-202009-0960 CVE-2020-24034 Sagemcom F@ST 5280 routers privilege escalation vulnerability

Related entries in the VARIoT exploits database: VAR-E-202009-0013
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise. Sagemcom F@ST 5280 is a router product. Attackers can use this vulnerability to gain access to internal accounts.
VAR-202009-0776 CVE-2020-25067 Injection vulnerabilities in NETGEAR R8300 CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker. NETGEAR R8300 contains an injection vulnerability. Information may be obtained or tampered with, and a denial of service (DoS) condition may result. NETGEAR R8300 is a wireless router from NETGEAR. The vulnerability stems from the fact that the network system or product fails to correctly filter special characters, commands, etc. in the process of constructing and executing commands from user input. Attackers can use this vulnerability to execute illegal operating system commands.
VAR-202010-0395 CVE-2020-16226 Session management flaw in the TCP protocol stack of multiple Mitsubishi Electric products CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. A session management vulnerability exists in the TCP protocol stack of multiple Mitsubishi Electric products. This vulnerability information is provided by the developer for the purpose of dissemination to product users. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ACK packets. When generating ACK packets, the application uses a predictable sequence number. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Mitsubishi Electric gt14 model is a device from Mitsubishi Electric of Japan that provides a human-machine interface in industrial production processes. Multiple Mitsubishi Electric products have a command execution vulnerability that allows an attacker to impersonate a legitimate device and thereby remotely execute arbitrary commands. The following products and versions are affected: QJ71MES96 all versions, QJ71WS96 all versions, Q06CCPU-V all versions, Q24DHCCPU-V all versions, Q24DHCCPU-VG all versions, R12CCPU-V Version 13 and prior, RD55UP06-V Version 09 and prior, RD55UP12-V Version 01, RJ71GN11-T2 Version 11 and prior, RJ71EN71 all versions, QJ71E71-100 all versions, LJ71E71-100 all versions, QJ71MT91 all versions, RD78Gn(n=4,8,16,32,64) all versions, RD78GHV all versions, RD78GHW all versions, NZ2GACP620-60 all versions, NZ2GACP620-300 all versions, NZ2FT-MT all versions, NZ2FT-EIP all versions, Q03UDECPU the first 5 digits of serial number 22081 and prior, QnUDEHCPU(n=04/06/10/13/20/26/50/100) the first 5 digits of serial number 22081 and prior, QnUDVCPU(n=03/04/06/13/26) the first 5 digits of serial number 22031 and prior, QnUDPVCPU(n=04/06/13/26) the first 5 digits of serial number 22031 and prior, LnCPU(-P)(n=02/06/26) the first 5 digits of serial number 22051 and prior, L26CPU-(P)BT the first 5 digits of serial number 22051 and prior, RnCPU(n=00/01/02) Version 18 and prior, RnCPU(n=04/08/16/32/120) Version 50 and prior, RnENCPU(n=04/08/16/32/120) Version 50 and prior, RnSFCPU (n=08/16/32/120) Version 22 and prior, RnPCPU(n=08/16/32/120) Version 24 and prior, RnPSFCPU(n=08/16/32/120) Version 05 and prior, FX5U(C)-**M*/**, FX5UC-32M*/**-TS Version 1.210 and prior, FX5UJ-**M*/** Version 1.000, FX5-ENET Version 1.002 and prior, FX5-ENET/IP Version 1.002 and prior, FX3U-ENET-ADP Version 1.22 and prior, FX3GE-**M*/** the first 3 digits of serial number 20X and prior, FX3U-ENET Version 1.14 and prior, FX3U-ENET-L Version 1.14 and prior, FX3U-ENET-P502 Version 1.14 and prior, FX5-CCLGN-MS Version 1.000, IU1-1M20-D all versions, LE7-40GU-L all versions, GOT2000 Series GT21 Model all versions, GS Series all versions, GOT1000 Series GT14 Model all versions, GT25-J71GN13-T2 all versions, FR-A800-E Series production date December 2020 and prior, FR-F800-E Series production date December 2020 and prior, FR-A8NCG Production date August 2020 and prior, FR-E800-EPA Series Production date July 2020 and prior, FR-E800-EPB Series Production date July 2020 and prior, Conveyor Tracking Application APR-nTR3FH APR-nTR6FH APR-nTR12FH APR-nTR20FH(n=1,2) all versions (Discontinued product), MR-JE-C all versions, MR-J4-TM all versions
VAR-202008-1277 No CVE Vide Technology Co., Ltd. UPS management module SSH has a command execution vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Weidi Technology Co., Ltd. is an uninterruptible power supply, automatic control equipment and industrial battery company. Vide Technology Co., Ltd. UPS management module SSH has a command execution vulnerability. Attackers can use vulnerabilities to bypass restrictions and directly execute system shell commands remotely.
VAR-202008-0575 CVE-2020-25054 Samsung Input verification vulnerabilities on mobile devices CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020). The vendor has published this vulnerability as SVE-2020-17239. Information may be obtained and a denial of service (DoS) condition may result.
VAR-202008-0128 CVE-2020-13466 STMicroelectronics STM32F1 Vulnerabilities in devices CVSS V2: 7.2
CVSS V3: 6.8
Severity: MEDIUM
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration. An unspecified vulnerability exists in STMicroelectronics STM32F1 devices. Information may be obtained or tampered with, and a denial of service (DoS) condition may result.
VAR-202008-0765 CVE-2020-24354 Zyxel VMG5313-B30B Code injection vulnerability in router firmware CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
The Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older firmware versions, is affected by shell injection. A code injection vulnerability exists in the Zyxel VMG5313-B30B router firmware. Information may be obtained or tampered with, and a denial of service (DoS) condition may result. Zyxel VMG5313-B30B is a router device. Zyxel VMG5313-B30B has security loopholes. Remote attackers can use this loophole to submit special requests, inject arbitrary shell commands and execute them.
VAR-202008-0134 CVE-2020-13472 Gigadevice GD32F103 Vulnerability in leaking resources to incorrect area on device CVSS V2: 2.1
CVSS V3: 4.6
Severity: MEDIUM
The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module. The Gigadevice GD32F103 device contains a vulnerability related to the leakage of resources to the wrong area. Information may be tampered with.
VAR-202008-1034 CVE-2020-7525 Vulnerability regarding improper restriction of excessive authentication attempts in spaceLYnk and Wiser for KNX CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used
VAR-202008-0127 CVE-2020-13465 Gigadevice GD32F103 Input verification vulnerabilities on devices CVSS V2: 4.6
CVSS V3: 6.8
Severity: MEDIUM
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface. The Gigadevice GD32F103 device contains an input verification vulnerability. Information may be obtained or tampered with, and a denial of service (DoS) condition may result. Gigadevice GD32F103 is a Gigadevice microcontroller device. Gigadevice GD32F103 security protection has a code execution vulnerability.