VARIoT IoT vulnerabilities database
| VAR-202009-0799 | CVE-2020-25747 | plural Rubetek Authentication vulnerability in camera |
CVSS V2: 9.0 CVSS V3: 9.4 Severity: CRITICAL |
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings. Rubetek RV-3406 , RV-3409 , RV-3411 The camera contains an authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
| VAR-202009-1120 | CVE-2020-3400 | Cisco IOS XE Software vulnerabilities related to lack of authentication |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web UI. A successful exploit could allow the attacker to utilize parts of the web UI for which they are not authorized. This could allow a Read-Only user to perform actions of an Admin user. Cisco IOS XE The software contains a vulnerability related to lack of authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment
| VAR-202009-1160 | CVE-2020-3476 | Cisco IOS and IOS XE Security hole |
CVSS V2: 3.6 CVSS V3: 6.0 Severity: MEDIUM |
A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system. Both Cisco IOS and IOS XE are products of Cisco (Cisco). CLI is one of those command line interfaces
| VAR-202009-1147 | CVE-2020-3516 | Cisco IOS XE Input validation vulnerability in software |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A successful exploit could allow the attacker to crash the web server on the device, which must be manually recovered by disabling and re-enabling the web server. Cisco IOS XE The software contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state. Both Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network equipment
| VAR-202009-1685 | No CVE | Skyvision webcam has unauthorized vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Skyview is a supplier of network video surveillance solutions and core circuit modules.
Tianshitong webcam has an unauthorized vulnerability, which can be exploited by attackers to affect the availability of the system.
| VAR-202009-1686 | No CVE | Tianshitong DVR has unauthorized vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Skyview is a supplier of network video surveillance solutions and core circuit modules in China.
Tianshitong hard disk video recorder has an unauthorized vulnerability, attackers can use the vulnerability to obtain sensitive information.
| VAR-202009-1687 | No CVE | Ruishi security equipment has a denial of service vulnerability |
CVSS V2: 4.9 CVSS V3: - Severity: MEDIUM |
Shenzhen Ruishi Technology Co., Ltd. (hereinafter referred to as Ruishi Technology) is a one-stop ecological solution provider for pan-video and AI pan-video.
Ruishi security equipment has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service attack.
| VAR-202009-1688 | No CVE | Ruishi camera has logic flaws |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shenzhen Ruishi Technology Co., Ltd. (hereinafter referred to as Ruishi Technology) is a one-stop ecological solution provider for pan-video and AI pan-video.
The Ruishi camera has a logic flaw vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202009-1689 | No CVE | Ruishi camera has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shenzhen Ruishi Technology Co., Ltd. (hereinafter referred to as Ruishi Technology) is a one-stop ecological solution provider for pan-video and AI pan-video.
The Ruishi camera has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202009-1690 | No CVE | Ruishi security equipment has logic flaws |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shenzhen Ruishi Technology Co., Ltd. (hereinafter referred to as Ruishi Technology) is a one-stop ecological solution provider for pan-video and AI pan-video.
Ruishi security equipment has a logic flaw vulnerability, attackers can use the vulnerability to obtain sensitive information.
| VAR-202009-1691 | No CVE | The tp-link network camera has a denial of service vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
TP-LINK Technology Co., Ltd. (hereinafter referred to as "TP-LINK") is a global network communication equipment supplier.
The tp-link network camera has a denial of service vulnerability. Attackers can use this vulnerability to cause a denial of service attack.
| VAR-202009-1692 | No CVE | Tp-link hard disk video recorder has a command execution vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
TP-LINK Technology Co., Ltd. (hereinafter referred to as "TP-LINK") is a global network communication equipment supplier.
The tp-link hard disk video recorder has a command execution vulnerability, which can be exploited by attackers to obtain server management rights.
| VAR-202009-1669 | No CVE | D-Link DGS-1210-28 Denial of Service Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
D-Link DGS-1210-28 is a switch.
D-Link DGS-1210-28 has a denial of service vulnerability. The vulnerability is caused by the network system or product not correctly verifying the input data. Attackers can use the vulnerability to cause a denial of service condition and refuse to provide services to legitimate users.
| VAR-202009-0095 | CVE-2020-12816 | Fortinet FortiNAC Cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users. Fortinet FortiNAC is a set of network access control solutions from Fortinet. This product is mainly used for network access control and IoT security protection.
FortiNAC 8.7.2 and earlier versions have cross-site scripting vulnerabilities
| VAR-202009-1181 | CVE-2020-3560 | Cisco Aironet Access Points Resource Depletion Vulnerability |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention
| VAR-202009-1183 | CVE-2020-3552 | Cisco Aironet Access Points In software NULL Pointer dereference vulnerability |
CVSS V2: 6.1 CVSS V3: 7.4 Severity: HIGH |
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device
| VAR-202009-1182 | CVE-2020-3559 | Cisco Aironet Access Point Resource depletion vulnerability in software |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload. Cisco Aironet Access Points (aps) is a network access point device of Cisco (Cisco)
| VAR-202009-1150 | CVE-2020-3527 | Cisco Catalyst 9200 Series switch Polaris Resource exhaustion vulnerability in kernel |
CVSS V2: 7.8 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery
| VAR-202009-1128 | CVE-2020-3417 | Cisco IOS XE In software OS Command injection vulnerability |
CVSS V2: 7.2 CVSS V3: 6.7 Severity: MEDIUM |
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device. Both Cisco IOS and IOS XE are products of Cisco (Cisco). CLI is one of those command line interfaces
| VAR-202009-1163 | CVE-2020-3479 | Cisco IOS and IOS XE Resource depletion vulnerability in software |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: High |
A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition