VARIoT IoT vulnerabilities database

Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed. Dell XPS 13 9370 is a notebook computer from Dell in the United States. The Dell XPS 13 9370 BIOS has a security vulnerability

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET serialized format on the filesystem. By generating (and writing to the disk) malicious .NET serialized files, an attacker can trick the product into deserializing them, resulting in arbitrary code execution. Ozeki NG SMS Gateway There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The program can convert your incoming emails to SMS and send them to your mobile phone. The main functions are: (1), send and receive messages in two ways (from phone to system, from system to phone); (2), support various applications of desktop email and Webmail; (3), powerful The server supports the program and stores your SMS to send and receive these; (4), supports multiple devices, etc

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

Redmi Note 7 generally refers to Redmi Note 7. Redmi Note 7 is the first product of Xiaomi's Redmi brand mobile phone. Redmi Note7 has a denial of service vulnerability, which can be exploited by attackers to cause the device program to crash or restart.

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data. Mediatek MT7620N Contains an authentication vulnerability.Information may be obtained and information may be tampered with. Mediatek MT7620N is an IEEE802.11n on-chip routing chip of China MediaTek

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions. WAGO 750-8XX There is an authentication vulnerability in the series firmware.Information is tampered with and denial of service (DoS) It may be put into a state

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability. SonicWall SSL-VPN The product contains unspecified vulnerabilities.Information may be obtained. sonicwall ssl-vpn (sonicwall ssl-vpn, vpn) is a VPN connection solution of SonicWALL. This product is used for remote secure connections

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China's Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim's mobile phone before launching an attack

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution. HUAWEI P30 Pro Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei P30 Pro is a smartphone launched by Huawei

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. Huawei P30 Pro is a smartphone launched by Huawei

WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. WS5800-10 Exists in an inadequate validation of data reliability vulnerabilities.Denial of service (DoS) It may be put into a state. Huawei ws5800-10 is a wireless router of China's Huawei (Huawei) company. Some Huawei home routers have security vulnerabilities