VARIoT IoT vulnerabilities database

Chengdu Zhifeng Technology Co., Ltd. was established in October 2016. It is an emerging high-tech company integrating R&D, production and sales. There is a logic flaw vulnerability in the enterprise-level routers of Beenet Interconnection, which can be used by attackers to obtain sensitive information.

D-Link ShareCenter DNS-320 is a gigabit network storage device of Taiwan D-Link Group. D-Link ShareCenter DNS-325 is a network storage device of Taiwan D-Link Group. D-Link ShareCenter DNS-320 and ShareCenter DNS-325 have command execution vulnerabilities. Attackers can use vulnerabilities to execute arbitrary commands.

CyberControl is a flexible and customizable automated monitoring software platform that can run on a variety of operating systems. Its application areas include monitoring master stations of large industrial systems to local monitoring systems based on tablet computers. Beijing Sifang Relay Automation Co., Ltd. CyberControl has a command execution vulnerability. Attackers can use vulnerabilities to execute arbitrary commands.

Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed. Dell XPS 13 9370 is a notebook computer from Dell in the United States. The Dell XPS 13 9370 BIOS has a security vulnerability

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET serialized format on the filesystem. By generating (and writing to the disk) malicious .NET serialized files, an attacker can trick the product into deserializing them, resulting in arbitrary code execution. Ozeki NG SMS Gateway There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The program can convert your incoming emails to SMS and send them to your mobile phone. The main functions are: (1), send and receive messages in two ways (from phone to system, from system to phone); (2), support various applications of desktop email and Webmail; (3), powerful The server supports the program and stores your SMS to send and receive these; (4), supports multiple devices, etc

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data. Mediatek MT7620N Contains an authentication vulnerability.Information may be obtained and information may be tampered with. Mediatek MT7620N is an IEEE802.11n on-chip routing chip of China MediaTek

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions. WAGO 750-8XX There is an authentication vulnerability in the series firmware.Information is tampered with and denial of service (DoS) It may be put into a state

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability. SonicWall SSL-VPN The product contains unspecified vulnerabilities.Information may be obtained. sonicwall ssl-vpn (sonicwall ssl-vpn, vpn) is a VPN connection solution of SonicWALL. This product is used for remote secure connections

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China's Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim's mobile phone before launching an attack