VARIoT IoT vulnerabilities database

VAR-202501-2580 | CVE-2024-50692 | Use of hardcoded credentials vulnerability in SUNGROW WiNet-S firmware |
CVSS V2: 6.4 CVSS V3: 5.4 Severity: MEDIUM |
SunGrow WiNet-SV200.001.00.P027 and earlier versions contain hardcoded MQTT credentials that allow an attacker to send arbitrary commands to an arbitrary inverter. It is also possible to impersonate the broker, because TLS is not used to identify the real MQTT broker. This means that MQTT communications are vulnerable to MitM attacks at the TCP/IP level. SUNGROW WiNet-S firmware contains a vulnerability related to the use of hardcoded credentials. Information may be obtained and tampered with. SunGrow WiNet-S is a LAN communication module from SunGrow, a Chinese company.
VAR-202501-1991 | CVE-2024-50690 | Use of hardcoded credentials vulnerability in SUNGROW WiNet-S firmware |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
SunGrow WiNet-SV200.001.00.P027 and earlier versions contain a hardcoded password that can be used to decrypt all firmware updates. SUNGROW WiNet-S firmware contains a vulnerability related to the use of hardcoded credentials. Information may be obtained and tampered with. SunGrow WiNet-S is a LAN communication module from SunGrow, a Chinese company.
VAR-202501-3191 | CVE-2024-56914 | Classic buffer overflow vulnerability in D-Link Systems, Inc. DSL-3782 firmware |
CVSS V2: 5.5 CVSS V3: 5.7 Severity: MEDIUM |
D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp. D-Link Systems, Inc. DSL-3782 firmware has a classic buffer overflow vulnerability. A denial-of-service (DoS) condition may result. D-Link DSL-3782 is a wireless router from D-Link of China. The vulnerability is caused by /New_GUI/ParentalControl.asp failing to properly verify the length of input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack.
VAR-202501-3155 | CVE-2025-20156 | Insufficient privilege handling vulnerability in Cisco Systems Cisco Meeting Management |
CVSS V2: 9.0 CVSS V3: 9.9 Severity: CRITICAL |
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device.
This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management. Cisco Systems Cisco Meeting Management contains a vulnerability related to improper handling of insufficient privileges. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Cisco Meeting Management is software used by Cisco to manage and schedule meetings.
VAR-202402-1155 | CVE-2022-23439 | Multiple Fortinet products are vulnerable to externally controlled access to resources in other domains |
CVSS V2: - CVSS V3: 4.7 Severity: MEDIUM |
An externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3, FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows an attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver. Several Fortinet products, including FortiADC, FortiAuthenticator and FortiDDoS, contain a vulnerability that allows externally controlled access to resources in other areas. Information may be obtained and tampered with.
VAR-202501-1788 | CVE-2024-57544 | Classic buffer overflow vulnerability in Linksys E8450 firmware |
CVSS V2: 5.2 CVSS V3: 5.5 Severity: MEDIUM |
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. Linksys E8450 firmware has a classic buffer overflow vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Linksys E8450 is an E-series wireless router from Linksys, an American company. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack.
VAR-202501-2362 | CVE-2024-57542 | OS command injection vulnerability in Linksys E8450 firmware |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn. A denial-of-service (DoS) condition may result. Linksys E8450 is a router from Linksys, an American company. Attackers can exploit this vulnerability to cause arbitrary command execution.
VAR-202501-2363 | CVE-2024-57540 | Classic buffer overflow vulnerability in Linksys E8450 firmware |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification. Linksys E8450 is an E-series wireless router from Linksys, an American company. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack.
VAR-202501-2162 | CVE-2024-57539 | Command injection vulnerability in Linksys E8450 firmware |
CVSS V2: 5.8 CVSS V3: 8.2 Severity: HIGH |
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail. Linksys E8450 is an E-series wireless router from the American company Linksys. Attackers can exploit this vulnerability to cause arbitrary command execution.
VAR-202501-3187 | CVE-2024-57538 | Classic buffer overflow vulnerability in Linksys E8450 firmware |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. Linksys E8450 is an E-series wireless router from Linksys, an American company. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack.
VAR-202501-3381 | CVE-2024-57536 | Command injection vulnerability in Linksys E8450 firmware |
CVSS V2: 7.7 CVSS V3: 8.0 Severity: HIGH |
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status. A denial-of-service (DoS) condition may result. Linksys E8450 is a router from Linksys, an American company. Attackers can exploit this vulnerability to cause arbitrary command execution.
VAR-202501-1533 | CVE-2024-57036 | Command injection vulnerability in TOTOLINK A810R firmware |
CVSS V2: 10.0 CVSS V3: 8.1 Severity: HIGH |
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in the main function of downloadFile.cgi. This vulnerability allows an attacker to execute arbitrary commands by sending an HTTP request. TOTOLINK A810R firmware contains a command injection vulnerability. Information may be obtained and tampered with. TOTOLink A810R is a wireless dual-band router from China's TotoLink company.
VAR-202501-1467 | CVE-2025-0566 | Buffer error vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC15 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. AC15 firmware contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.
Tenda AC15 has a buffer overflow vulnerability, which is caused by the parameter mac of the file /goform/SetDevNetName failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202501-2446 | CVE-2018-9383 | Out-of-bounds read vulnerability in Google Android |
CVSS V2: 4.3 CVSS V3: 4.4 Severity: MEDIUM |
In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Google Android contains an out-of-bounds read vulnerability. Information may be obtained. Google Pixel is a smartphone produced by Google in the United States.
Google Pixel has a buffer overflow vulnerability. The vulnerability is caused by the lack of boundary checking, which allows out-of-bounds reading of memory. Attackers can exploit this vulnerability to run arbitrary code in the context of the affected application and control the server process.
VAR-202501-1425 | CVE-2025-0528 | Injection vulnerability in multiple Shenzhen Tenda Technology Co.,Ltd. products |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: HIGH |
A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. AC8, AC10 and AC18 firmware contains an injection vulnerability, a command injection vulnerability, and an OS command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. The vulnerability is caused by the file /goform/telnet failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution.
VAR-202501-4392 | No CVE | Beijing Trendwell Network Technology Co., Ltd. TEW-635BRM has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
TEW-635BRM is a network security firewall.
TEW-635BRM of Beijing Trendwell Network Technology Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202501-1780 | CVE-2024-57704 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC8 firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. Shenzhen Tenda Technology Co.,Ltd. AC8 firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
VAR-202501-3583 | CVE-2024-57703 | Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC8 firmware |
CVSS V2: 7.1 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. Shenzhen Tenda Technology Co.,Ltd. AC8 firmware contains an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. No detailed vulnerability details are currently provided.
VAR-202501-2809 | CVE-2024-46450 | Lack of authentication vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC6 firmware |
CVSS V2: 9.4 CVSS V3: 8.1 Severity: HIGH |
Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request. Shenzhen Tenda Technology Co.,Ltd. AC6 firmware contains a lack of authentication vulnerability. Information may be obtained and tampered with.
Tenda AC1200 has an access control error vulnerability, which is caused by incorrect access control. No detailed vulnerability details are currently provided.
VAR-202501-1595 | CVE-2024-57583 | Command injection vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC18 firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function. Shenzhen Tenda Technology Co.,Ltd. AC18 firmware contains a command injection vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. An attacker can exploit this vulnerability to cause arbitrary command execution.