VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202101-0413 CVE-2020-27859 NEC ESMPRO Manager  Traversal Vulnerability in Japan CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-9607. NEC ESMPRO Manager Contains a path traversal vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-9607 Was numbered.Information may be obtained
VAR-202006-1927 No CVE Chongqing Jutai Internet of Things Group Co., Ltd. energy information management system has a universal password bypass vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Chongqing Jutai Internet of Things Group Co., Ltd. is a company engaged in the research and development, production, sales/computer system integration of software and hardware of Internet of Things products. Chongqing Jutai Internet of Things Group Co., Ltd.'s energy information management system has a universal password bypass vulnerability, which can be used by attackers to obtain sensitive database information.
VAR-202006-1924 No CVE A remote command execution vulnerability exists in the hard disk recorder of Zhejiang Yushi Technology Co., Ltd. CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Zhejiang Yushi Technology Co., Ltd. (abbreviation: Yushi) was founded in 2011 and is a global public safety and intelligent transportation solution provider. There is a remote command execution vulnerability in the hard disk recorder of Zhejiang Yushi Technology Co., Ltd. An attacker can use this vulnerability to execute system commands, upload a webshell, and obtain server permissions.
VAR-202006-1863 No CVE Haiwell SCADA has a hard-coded certificate authorization bypass vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Haiwei Cloud Configuration Software is a .NET Framework-based industrial automation monitoring and management platform software developed by Xiamen Haiwei Technology Co., Ltd. Haiwell SCADA has a hard-coded certificate authorization bypass vulnerability that attackers can use to obtain sensitive software information.
VAR-202006-1865 No CVE Haiwell SCADA has arbitrary file download vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Haiwei Cloud Configuration Software is a .NET Framework-based industrial automation monitoring and management platform software developed by Xiamen Haiwei Technology Co., Ltd. Haiwell SCADA has an arbitrary file download vulnerability, which can be exploited by attackers to obtain software sensitive information.
VAR-202006-1884 CVE-2020-14481 FactoryTalk View SE  Cryptographic strength vulnerabilities in CVSS V2: 2.1
CVSS V3: 7.8
Severity: HIGH
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE. FactoryTalk View SE There is a security level vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation FactoryTalk View SE is an industrial automation system view interface of Rockwell Automation
VAR-202006-1882 CVE-2020-14480 FactoryTalk View  Vulnerability in plaintext storage of important information in CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials. FactoryTalk View There is a vulnerability in plaintext storage of important information.Information may be obtained. Rockwell Automation FactoryTalk View SE is an industrial automation system view interface of Rockwell Automation. An information disclosure vulnerability exists in Rockwell Automation FactoryTalk View SE, which can be used by attackers to obtain sensitive information
VAR-202006-1883 CVE-2020-14478 FactoryTalk Services Platform  In  XML  External entity vulnerabilities CVSS V2: 5.6
CVSS V3: 7.1
Severity: HIGH
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services. FactoryTalk Services Platform for, XML There is a vulnerability in an external entity.Information is obtained and service operation is interrupted (DoS) It may be in a state. Rockwell Automation FactoryTalk Services Platform is a service platform composed of multiple products by Rockwell Automation in the United States. It provides routine services for applications, such as diagnostic information, health monitoring, and real-time data access
VAR-202006-0891 CVE-2019-19506 Tenda PA6 Wi-Fi Powerline extender Infinite loop vulnerability in CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot. An attacker can use this vulnerability to execute arbitrary code or cause an application to crash
VAR-202006-1857 No CVE Memory damage vulnerability exists in the software for quick-control PLC CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Quick Control Cloud (Shanghai) Intelligent Technology Co., Ltd., a high-tech company specialized in the research and development of industrial Internet of Things automation products such as cloud boxes, human-machine interfaces, and PLC, in cooperation with Shanghai Jiaotong University. There is a memory destruction vulnerability in the software for quick-control PLC development. An attacker can use this vulnerability to cause a system denial of service.
VAR-202006-1864 No CVE Haiwell SCADA has information disclosure vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Haiwei Cloud Configuration Software is a .NET Framework-based industrial automation monitoring and management platform software developed by Xiamen Haiwei Technology Co., Ltd. There is an information disclosure vulnerability in Haiwell SCADA, which an attacker can use to obtain sensitive software information.
VAR-202006-0890 CVE-2019-19505 Tenda PA6 Wi-Fi Powerline extender Out-of-bounds write vulnerability in CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. (DoS) It may be put into a state
VAR-202006-0749 CVE-2019-16213 Tenda PA6 Wi-Fi Powerline extender In OS Command injection vulnerabilities CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. (DoS) It may be put into a state
VAR-202006-0485 CVE-2020-14005 Solarwinds Orion Vulnerability in CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event. (DoS) It may be put into a state. Authentication is required to exploit this vulnerability.The specific flaw exists within the ExecuteExternalProgram method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of system. SolarWinds Orion Platform is a set of network fault and network performance management platform of SolarWinds in the United States. The platform can provide real-time monitoring and analysis of network equipment, and supports customized web interface, multiple user opinions, and map browsing of the entire network
VAR-202006-1919 No CVE Unauthorized RCE 0day vulnerability in D-Link DCS-2530L camera CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
D-Link DCS-2530L is a camera of D-Link. D-Link DCS-2530L camera has an unauthorized RCE 0day vulnerability, which can be exploited by an attacker to root The identity executes arbitrary commands on the target device.
VAR-202006-1925 No CVE Unauthorized remote code execution vulnerability in multiple Netgear devices CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
NETGEAR is a computer network equipment developer founded in 1996 and headquartered in San Jose, California. Many NETGEAR devices have unauthorized remote code execution vulnerabilities. Attackers can use the vulnerability to execute commands directly.
VAR-202006-0486 CVE-2020-14006 Solarwinds Orion Cross-site scripting vulnerability in CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team. SolarWinds Orion Platform is a set of network fault and network performance management platform of SolarWinds in the United States. The platform can provide real-time monitoring and analysis of network equipment, and supports customized web interface, multiple user opinions, and map browsing of the entire network. The vulnerability stems from the lack of correct verification of client data in WEB applications. An attacker can use this vulnerability to execute client code
VAR-202006-0487 CVE-2020-14007 SolarWinds Orion Platform cross-site scripting vulnerability CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition. SolarWinds Orion Platform is a set of network fault and network performance management platform of SolarWinds in the United States. The platform can provide real-time monitoring and analysis of network equipment, and supports customized web interface, multiple user opinions, and map browsing of the entire network. The vulnerability stems from the lack of correct verification of client data in WEB applications. An attacker can use this vulnerability to execute client code
VAR-202006-0021 CVE-2020-10561 Xiaomi Mi Jia ink-jet printer injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters to ippserver through the web management background, resulting in command execution vulnerabilities. Xiaomi Mi Jia ink-jet printer There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
VAR-202006-0925 CVE-2020-14473 plural Vigor Out-of-bounds write vulnerabilities in firmware CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1. Vigor3900 , Vigor2960 and Vigor300B There is an out-of-bounds write vulnerability in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. DrayTek Vigor3900, etc. are all products of DrayTek, Taiwan, China. DrayTek Vigor3900 is a broadband router/VPN gateway device. Vigor2960 is a load balancing router and VPN gateway device. Vigor300B is a load balancing router. Attackers can use this vulnerability to execute arbitrary code or cause denial of service by sending long parameters