VARIoT IoT vulnerabilities database


VAR-202008-0672 CVE-2020-15498 Certificate validation vulnerabilities in ASUS RT-AC1900P routers
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to the wget tool used to download firmware update files. The ASUS RT-AC1900P router contains a certificate validation vulnerability. Information may be tampered with. The certificate handling in the firmware upgrade process of ASUS RT-AC1900P routers has a security flaw that allows remote attackers to submit special requests, upgrade to malicious firmware, and control the server.
VAR-202008-0950 CVE-2020-5917 Cryptographic strength vulnerabilities in multiple BIG-IP products
CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2 and BIG-IQ versions 5.2.0-7.0.0, the host OpenSSH servers utilize keys of less than 2048 bits, which are no longer considered secure. Multiple BIG-IP products contain a cryptographic strength vulnerability. Information may be obtained. F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. There are security vulnerabilities in BIG-IP versions 15.1.0 to 15.1.0.4, 15.0.0 to 15.0.1.3, 14.1.0 to 14.1.2.3, 13.1.0 to 13.1.3.4, 12.1.0 to 12.1.5.1, and 11.6.1 to 11.6.5.2, and BIG-IQ versions 5.2.0 to 7.0.0. The vulnerability stems from the fact that the initial key of the OpenSSH service is less than 2048 bits, which is a security risk.
VAR-202008-0938 CVE-2020-5922 Cross-site request forgery vulnerability in multiple BIG-IP products
CVSS V2: 9.3
CVSS V3: 8.8
Severity: HIGH
In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, iControl REST does not implement Cross Site Request Forgery protections for users who make use of Basic Authentication in a web browser. Multiple BIG-IP products contain a cross-site request forgery vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS). F5 BIG-IP is an F5 load balancing device. F5 BIG-IP iControl REST has a cross-site request forgery vulnerability. A remote attacker can use this vulnerability to construct a malicious URI, trick the user into requesting it, and perform malicious operations in the context of the target user. There is a security vulnerability in BIG-IP versions between 15.0.0 and 15.1.0.4, 14.1.0 and 14.1.2.6, 13.1.0 and 13.1.3.3, 12.1.0 and 12.1.5.1, and 11.6.1 and 11.6.5.2, which is caused by BIG-IP not adequately verifying that the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client.
VAR-202008-0941 CVE-2020-5925 Exceptional condition check vulnerability in multiple BIG-IP products
CVSS V2: 4.3
CVSS V3: 7.5
Severity: HIGH
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, undisclosed internally generated UDP traffic may cause the Traffic Management Microkernel (TMM) to restart under some circumstances. Multiple BIG-IP products contain an exceptional condition check vulnerability. Service operation may be interrupted (DoS). F5 BIG-IP is an F5 load balancing device. F5 BIG-IP has a security flaw in its processing of UDP protocol data. Remote attackers can use this flaw to submit special requests that restart TMM and cause a denial of service. BIG-IP versions 15.1.0 to 15.1.0.4, 15.0.0 to 15.0.1.3, 14.1.0 to 14.1.2.3, 13.1.0 to 13.1.3.3, 12.1.0 to 12.1.5.1, and 11.6.1 to 11.6.5.1 have security vulnerabilities.
VAR-202008-0948 CVE-2020-5913 Certificate validation vulnerabilities in BIG-IP
CVSS V2: 5.8
CVSS V3: 7.4
Severity: HIGH
In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. This impacts SSL/TLS connections and may result in a man-in-the-middle attack on the connections. BIG-IP contains a certificate validation vulnerability. Information may be obtained and tampered with. There are security vulnerabilities in BIG-IP Server versions between 15.0.0 and 15.1.0.1, 14.1.0 and 14.1.2.3, 13.1.0 and 13.1.3.4, 12.1.0 and 12.1.5.1, and 11.6.1 and 11.6.5.2.
VAR-202008-0947 CVE-2020-5916 Information leakage vulnerabilities in multiple BIG-IP products
CVSS V2: 4.0
CVSS V3: 6.8
Severity: MEDIUM
In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3, the Certificate Administrator user role and higher privileged roles can perform arbitrary file reads outside of the web root directory. Multiple BIG-IP products contain a vulnerability related to information leakage. Information may be obtained. F5 BIG-IP is a load balancing device. F5 BIG-IP has a directory traversal vulnerability. There are security vulnerabilities in BIG-IP versions between 15.1.0 and 15.1.0.4 and versions between 15.0.0 and 15.0.1.3.
VAR-202008-0942 CVE-2020-5926 Improper resource shutdown and release vulnerabilities in multiple BIG-IP products
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, on a BIG-IP virtual server with a Session Initiation Protocol (SIP) ALG profile, parsing SIP messages that contain a multi-part MIME payload with certain boundary strings can cause TMM to free memory to the wrong cache. Multiple BIG-IP products contain a vulnerability related to improper shutdown and release of resources. Service operation may be interrupted (DoS). There are security vulnerabilities in BIG-IP versions between 15.1.0 and 15.1.0.4, versions between 15.0.0 and 15.0.1.3, and versions between 14.1.0 and 14.1.2.6. The vulnerability is caused by TMM releasing memory to the wrong cache.
VAR-202008-0936 CVE-2020-5920 SQL injection vulnerabilities in BIG-IP AFM
CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to perform a read-only blind SQL injection attack. BIG-IP AFM contains an SQL injection vulnerability. Information may be obtained. F5 BIG-IP AFM is an advanced firewall device. Remote attackers can use this vulnerability to submit special SQL requests, manipulate databases, obtain sensitive information or execute arbitrary code. There are security vulnerabilities in BIG-IP AFM versions between 15.0.0 and 15.1.0.5, 14.1.0 and 14.1.2.7, 13.1.0 and 13.1.3.4, 12.1.0 and 12.1.5.1, and 11.6.1 and 11.6.5.1, which are caused by the lack of validation of externally input SQL statements in database-based applications. Attackers can exploit this vulnerability to execute illegal SQL commands.
VAR-202008-0939 CVE-2020-5923 Vulnerabilities in multiple BIG-IP products
CVSS V2: 4.8
CVSS V3: 5.4
Severity: MEDIUM
In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, a Self-IP port-lockdown bypass is possible via IPv6 link-local addresses. Multiple BIG-IP products contain unspecified vulnerabilities. Information may be obtained and tampered with. F5 BIG-IP is an application delivery platform from the US company F5 that integrates network traffic management, application security management, load balancing and other functions. There are security vulnerabilities in BIG-IP versions 15.0.0 to 15.1.0.4, 14.1.0 to 14.1.2.6, 13.1.0 to 13.1.3.3, 12.1.0 to 12.1.5.1, and 11.6.1 to 11.6.5.1, and BIG-IQ versions 5.4.0 to 7.0.0. The vulnerability stems from the fact that IPv6 connections to local addresses will cause private IP ports to be locked.
VAR-202008-0949 CVE-2020-5914 Input verification vulnerability in BIG-IP ASM
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an undisclosed server cookie scenario may cause BD to restart under some circumstances. BIG-IP ASM contains an input verification vulnerability. Service operation may be interrupted (DoS). BIG-IP ASM versions between 15.1.0 and 15.1.0.4, 15.0.0 and 15.0.1.3, 14.1.0 and 14.1.2.3, 13.1.0 and 13.1.3.3, 12.1.0 and 12.1.5.1, and 11.6.1 and 11.6.5.1 have security vulnerabilities. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or manufacturer announcements.
VAR-202008-0944 CVE-2020-5928 Cross-site request forgery vulnerability in BIG-IP ASM
CVSS V2: 3.3
CVSS V3: 3.1
Severity: LOW
In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times. BIG-IP ASM contains a cross-site request forgery vulnerability. Information may be tampered with and service operation may be interrupted (DoS). There are CSRF vulnerabilities in BIG-IP ASM versions between 15.1.0 and 15.1.0.4, 15.0.0 and 15.0.1.3, 14.1.0 and 14.1.2.3, 13.1.0 and 13.1.3.3, 12.1.0 and 12.1.5.1, and 11.6.1 and 11.6.5.1. The vulnerability is caused by the fact that the web application in BIG-IP ASM does not fully verify whether the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client.
VAR-202008-0940 CVE-2020-5924 Vulnerability regarding lack of resource release after valid lifetime in BIG-IP APM
CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
In BIG-IP APM versions 12.1.0-12.1.5.1 and 11.6.1-11.6.5.2, RADIUS authentication leaks memory when the username for authentication is not set. BIG-IP APM is vulnerable to a lack of resource release after a valid lifetime. Service operation may be interrupted (DoS). There is a security vulnerability in BIG-IP APM versions 12.1.0 to 12.1.5.1 and 11.6.1 to 11.6.5.2.
VAR-202008-0935 CVE-2020-5919 Vulnerability in BIG-IP APM
CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization may cause the Traffic Management Microkernel (TMM) to stop responding. BIG-IP APM contains an unspecified vulnerability. Service operation may be interrupted (DoS).
VAR-202008-1252 CVE-2020-9081 Fraudulent authentication vulnerability in multiple Huawei products
CVSS V2: -
CVSS V3: 3.5
Severity: LOW
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operations in a specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. Multiple Huawei products, including Mate 20 firmware, P30 firmware, and P30 Pro firmware, contain an incorrect authentication vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS).
VAR-202008-1244 CVE-2020-9089 Vulnerabilities in Huawei P30 Pro firmware
CVSS V2: -
CVSS V3: 3.3
Severity: LOW
There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to an information leak. (Vulnerability ID: HWPSIRT-2019-12141) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089. There are unspecified vulnerabilities in the Huawei P30 Pro firmware. Information may be obtained.
VAR-202010-0410 CVE-2020-17407 Stack-based buffer overflow vulnerability in Microhard Bullet-LTE
CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10596. Microhard Bullet-LTE contains a stack-based buffer overflow vulnerability. Zero Day Initiative numbered this vulnerability ZDI-CAN-10596. Information may be obtained and tampered with, and service may be disrupted (DoS).
VAR-202010-0409 CVE-2020-17406 OS command injection vulnerability in Microhard Bullet-LTE
CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10595. Microhard Bullet-LTE contains an OS command injection vulnerability. Zero Day Initiative numbered this vulnerability ZDI-CAN-10595. Information may be obtained and tampered with, and service may be disrupted (DoS).
VAR-202008-0373 CVE-2020-16245 Advantech iView path traversal vulnerability
CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code. iView is SNMP-based device management software provided by Advantech. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the exportTaskMgrReport method of the DeviceTreeTable class. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Advantech iView is an equipment management application for the energy, water and wastewater industries. The vulnerability stems from the failure of Advantech iView to properly filter resources or special elements in file paths.
VAR-202008-1256 CVE-2020-16235 Insufficient encryption strength vulnerability in Emerson OpenEnterprise
CVSS V2: 2.1
CVSS V3: 6.5
Severity: MEDIUM
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained. OpenEnterprise is Emerson's industrial SCADA software.
VAR-202008-1215 CVE-2020-24616 Code injection vulnerability in FasterXML jackson-databind
CVSS V2: 6.8
CVSS V3: 8.1
Severity: HIGH
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). FasterXML jackson-databind contains a code injection vulnerability. Information may be obtained and tampered with, and service operation may be interrupted (DoS). Versions earlier than 2.9.10.6 in the FasterXML jackson-databind 2.x series have security vulnerabilities. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or vendor announcements.