VARIoT IoT vulnerabilities database

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871. media tech's nr16 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872. media tech's nr16 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1873. media tech's nr16 and NR17 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. fh451 firmware, fh1201 firmware, FH1202 firmware etc. Shenzhen Tenda Technology Co.,Ltd. The product has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state

Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information. TP-LINK Archer C7 is a wireless router from TP-LINK of China

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router produced by D-Link, which supports multiple network connection methods and security settings. No detailed vulnerability details are provided at present

There is an Out-of-bounds read vulnerability in V-Server (v4.0.19.0 and earlier) and V-Server Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed. Remote monitoring software provided by Fuji Electric Co., Ltd. TELLUS and TELLUS Lite , Display drawing software V-SFT Simulator module and remote monitoring software included in V-Server and V-Server Lite contains multiple vulnerabilities: * V-SFT , TELLUS , TELLLUS Lite Multiple stack-based buffer overflows in (CWE-121) - CVE-2024-38309 It was * TELLUS , TELLUS Lite Out of bounds read in (CWE-125) - CVE-2024-38389 It was * V-Server , V-Server Lite Out of bounds read in (CWE-125) - CVE-2024-38658 This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer. Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric Corporation of Japan. The software can collect information from devices such as PLCs, temperature controllers, inverters, etc. Fuji Electric V-Server and Fuji Electric V-Server Lite have an out-of-bounds read vulnerability, which can be exploited by attackers to cause information leakage or execute arbitrary code

Contiki-NG is an open-source, cross-platform operating system for IoT devices. An unaligned memory access can be triggered in the two RPL implementations of the Contiki-NG operating system. The problem can occur when either one of these RPL implementations is enabled and connected to an RPL instance. If an IPv6 packet containing an odd number of padded bytes before the RPL option, it can cause the rpl_ext_header_hbh_update function to read a 16-bit integer from an odd address. The impact of this unaligned read is architecture-dependent, but can potentially cause the system to crash. The problem has not been patched as of release 4.9, but will be included in the next release. One can apply the changes in Contiki-NG pull request #2962 to patch the system or wait for the next release. Contiki-NG Exists in a vulnerability related to illegal type conversion.Service operation interruption (DoS) It may be in a state

Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-message.c module, where the snmp_message_decode function fails to check the boundary of the message buffer when reading a byte from it immediately after decoding an object identifier (OID). The problem has been patched in Contiki-NG pull request 2937. It will be included in the next release of Contiki-NG. Users are advised to either apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration. Contiki-NG Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-ber.c module, where the function snmp_ber_decode_string_len_buffer decodes the string length from a received SNMP packet. In one place, one byte is read from the buffer, without checking that the buffer has another byte available, leading to a possible out-of-bounds read. The problem has been patched in Contiki-NG pull request #2936. It will be included in the next release of Contiki-NG. Users are advised to apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration. Contiki-NG Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers (SRH) in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming packet should be forwarded to another host. Because of missing validation of the resulting next-hop address, an uncontrolled recursion may occur in the tcpip_ipv6_output function in the os/net/ipv6/tcpip.c module when receiving a packet with a next-hop address that is a local address. Attackers that have the possibility to send IPv6 packets to the Contiki-NG host can therefore trigger deeply nested recursive calls, which can cause a stack overflow. The vulnerability has not been patched in the current release of Contiki-NG, but is expected to be patched in the next release. The problem can be fixed by applying the patch in Contiki-NG pull request #2264. Users are advised to either apply the patch manually or to wait for the next release. There are no known workarounds for this vulnerability. Contiki-NG Exists in a recursive control vulnerability.Service operation interruption (DoS) It may be in a state

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24771. (DoS) It may be in a state

Fuji Electric Monitouch V-SFT V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24662. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation. It supports a variety of functions, including custom home screen, PDF document viewer, video player, alarm message, 10 pop-up windows, etc

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24664. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Fuji Electric Monitouch V-SFT V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24505. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation. It supports a variety of functions, including custom home screen, PDF document viewer, video player, alarm message, 10 pop-up windows, etc

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24768. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24769. (DoS) It may be in a state

Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24449. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation

Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24770. Fuji Electric's Tellus Lite V-Simulator Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Fuji Electric Monitouch V-SFT X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X1 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24663. Fuji Electric's Monitouch V-SFT Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fuji Electric Monitouch V-SFT is a configuration software for human-machine interface (HMI) provided by Fuji Electric Corporation. It supports a variety of functions, including custom home screen, PDF document viewer, video player, alarm message, 10 pop-up windows, etc