VARIoT IoT vulnerabilities database

Alcatel-Lucent (Alcatel-Lucent) is a multinational company that provides telecommunications hardware and software equipment and services, headquartered in Paris, France. Alcatel OAW series of smart wireless AP devices have unauthorized access vulnerabilities. Attackers can use the vulnerabilities to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

Beijing Huaxin Aotian Network Technology Co., Ltd. was registered and established in Haidian Branch on October 13, 2015. The company's business scope includes technology development, technology promotion, technology transfer, technology consulting, technology services, etc. Huaxin Aotian HAN series smart wireless AP devices have an unauthorized access vulnerability. Attackers can use this vulnerability to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

CAXA CNC car is an industrial automation CNC graphic design tool. CAXA CNC car v2015 has a privilege escalation vulnerability. Attackers can use this vulnerability to execute arbitrary code and increase privileges.

Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Provided by NEC Corporation Aterm WF800HP , Aterm WG2600HP and Aterm WG2600HP2 There are multiple vulnerabilities in. Aterm WF800HP ・ Cross-site scripting (CWE-79) - CVE-2021-20620Aterm WG2600HP and Aterm WG2600HP2 ・ Inadequate access restrictions (CWE-284) - CVE-2017-12575 ・ Cross-site request forgery (CWE-352) - CVE-2021-20621 ・ Cross-site scripting (CWE-79) - CVE-2021-20622CVE-2021-20620 This vulnerability information is provided by the following persons based on Information Security Early Warning Partnership: IPA Report to JPCERT/CC Coordinated with the developers. Reporter : Cyber Defense Institute, Inc. Nagaoka Satoru Mr CVE-2021-20621, CVE-2021-20622 This vulnerability information is provided by the following persons based on Information Security Early Warning Partnership: IPA Report to JPCERT/CC Coordinated with the developers. Reporter : Cyber Defense Institute, Inc. Iwasaki Tokumei MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Any script is executed on the web browser of the user who accessed the product. - CVE-2021-20620 ・ The setting information stored in the product may be stolen or changed by a remote third party. - CVE-2017-12575 -When a user logged in to the product accesses a specially crafted page, he / she is forced to perform an unintended operation. - CVE-2021-20621 -Any script is executed on the web browser of the user who is logged in to the product. - CVE-2021-20622

TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TPE files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process

A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ISP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics ISPSoft is a set of PLC (Programmable Logic Controller) programming software of Delta Electronics, Taiwan, China. Delta Electronics ISPSoft v3.12 and prior has an access control error vulnerability, which is caused by the network system or product improperly restricting access to resources from unauthorized roles

An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of TPE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process

YuRoute is an IoT router. China Mobile Railway Tongyu router has an unauthorized access vulnerability. Attackers can use this vulnerability to access sensitive information and perform operations.

ASUS RT-AX86U is a wireless router. ASUS RT-AX86U has a buffer overflow vulnerability. The vulnerability stems from the failure of RT-AX86U to limit the length of parameters when processing the Blocking_request service in the httpd service. Attackers can use this vulnerability to cause a denial of service attack.

Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue. Qualcomm The product contains a vulnerability related to information leakage.Information may be obtained

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage. M&M Software Company (WAGO Kontakttechnik Subsidiary ) Provided by RTIS and PACTware Also used in other products including fdtCONTAINER Deserialize untrusted data for components (CWE-502) A vulnerability exists.By loading a specially crafted project file by a third party, malicious code can be executed in secret. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. M&M Fdtcontainer is a plug-in FDT frame application software of China Meiming (M&M) Company that can meet customer customization needs

Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories. Vtiger CRM Contains an information disclosure vulnerability.Information may be obtained. Vtiger CRM is a customer relationship management system (CRM) developed by Vtiger in the United States based on SugarCRM. The management system provides functions such as management, collection, and analysis of customer information. Vtiger CRM v7.2.0 has a path traversal vulnerability

A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not authorized to access. For more information about these vulnerabilities, see the Details section of this advisory. Cisco SD-WAN vManage There are unspecified vulnerabilities in the software.Information may be obtained. Cisco SD-WAN vManage Software is a management software for SD-WAN (Software Defined Wide Area Network) solutions from Cisco

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface. Cisco Web Security Appliance is a web security appliance. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. Cisco AsyncOS is an operating system for Cisco devices

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions. Cisco SD-WAN vManage is a software from Cisco (Cisco) that provides software-defined network functions. This software is a way of network virtualization. The IPSec tunnel function of Cisco SD-WAN software has a denial of service vulnerability. The vulnerability stems from boundary checks in the forwarding plane of the IPSec tunnel management function

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions. Cisco SD-WAN vManage is a software from Cisco (Cisco) that provides software-defined network functions. This software is a way of network virtualization. Many Cisco SD-WAN products have buffer overflow vulnerabilities. The vulnerability stems from the program's failure to correctly verify and check the input of the SNMPv3 management function

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a buffer error vulnerability.Denial of service (DoS) It may be put into a state. Cisco SD-WAN vEdge is a router from Cisco of the United States. This device can provide basic WAN, security and multi-cloud functions for Cisco SD-WAN solutions. Cisco SD-WAN vManage is a software from Cisco (Cisco) that provides software-defined network functions. This software is a way of network virtualization. The UDP link response of Cisco SD-WAN software has a denial of service vulnerability. The vulnerability is caused by a null pointer dereference in vDaemon

Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1). CampusInsight , ManageOne , Taurus-AL00A There is a vulnerability related to.Information may be obtained. Huawei Manageone is a set of cloud data center management solutions of China Huawei (Huawei). The product supports unified management of heterogeneous cloud resource pools, and provides functions such as multi-level VDC matching customer organization model, service catalog planning, self-service, centralized alarm analysis, and intelligent operation and maintenance. The vulnerability exists in the following devices or models: ManageOne 6.5.1.1, ManageOne 6.5.1.SPC100, ManageOne 6.5.1.SPC200, ManageOne 6.5.1RC1, ManageOne 6.5.1RC2, ManageOne 8.0.RC2

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco SD-WAN The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state