VARIoT IoT vulnerabilities database


VAR-202005-0707 CVE-2020-3307 Cisco Firepower Management Center Input verification vulnerabilities in software CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send incorrect information to the system log on the affected system. The Cisco Firepower Management Center (FMC) software contains an input verification vulnerability. Information may be tampered with
VAR-202005-0702 CVE-2020-3301 Cisco Firepower Management Center Vulnerabilities in the use of hard-coded credentials in software CVSS V2: 2.1
CVSS V3: 4.4
Severity: MEDIUM
Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of this advisory. A remote attacker could use this account to exploit this vulnerability to gain access to sensitive parts of the system
VAR-202005-0685 CVE-2020-3187 Cisco Adaptive Security Appliance software and Cisco Firepower Threat Defense Path traversal vulnerabilities in software CVSS V2: 7.5
CVSS V3: 9.1
Severity: CRITICAL
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system. The platform provides features such as highly secure access to data and network resources
VAR-202005-0705 CVE-2020-3305 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software exhaustion vulnerabilities CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device. The platform provides features such as highly secure access to data and network resources. The following products and versions are affected: Cisco ASA 9.5 and earlier, 9.6, 9.7, 9.8, 9.9, 9.10, 9.12; FTD 6.1.0 and earlier, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.3.0, 6.4.0
VAR-202010-1329 CVE-2020-3915 Apple macOS printtool Daemon Improper Input Validation Privilege Escalation Vulnerability CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files. This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the printtool daemon. The issue results from the lack of proper validation of printer icon data prior to further processing. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Printing is one of its components. A security vulnerability exists in the Printing component of Apple macOS Catalina prior to 10.15.4
VAR-202005-0710 CVE-2020-3310 Cisco Firepower Device Manager On-Box Buffer error vulnerability in software CVSS V2: 6.8
CVSS V3: 4.9
Severity: MEDIUM
A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways using a malicious file: An attacker with administrative privileges could upload a malicious XML file on the system and cause the XML code to parse the malicious file. An attacker with Clientless Secure Sockets Layer (SSL) VPN access could exploit this vulnerability by sending a crafted XML file. A successful exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system. The Cisco Firepower Device Manager On-Box software contains a buffer error vulnerability. It may be put into a service operation interruption (DoS) state. Cisco Firepower Device Manager (FDM) is a firewall device manager from Cisco. The product supports access rule configuration, system monitoring and other functions
VAR-202005-0709 CVE-2020-3309 Cisco Firepower Device Manager On-Box Out-of-bounds write vulnerabilities in software CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on, as well as modify, the underlying operating system of an affected device. It may be put into a denial of service (DoS) state. Cisco Firepower Device Manager (FDM) is a firewall device manager from Cisco. The product supports access rule configuration, system monitoring and other functions
VAR-202005-0051 CVE-2020-10626 Fazecast Made jSerialComm To DLL Read vulnerability CVSS V2: 6.9
CVSS V3: 7.8
Severity: HIGH
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name as any resident DLL inside the software installation to execute arbitrary code. jSerialComm, provided by Fazecast, has a DLL read vulnerability. jSerialComm is a Java library from Fazecast that provides platform-independent serial communication. This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of files within the Temp directory. The issue results from an incorrect assignment of privilege to a critical resource. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Schneider Electric EcoStruxure IT Gateway is a set of cloud-based data center management as a service (DMaaS) products of French Schneider Electric company. A code issue vulnerability exists in Fazecast jSerialComm 2.2.2 and earlier versions
VAR-202005-0605 CVE-2019-19517 Intelbras RF1200 Cross-Site Request Forgery Vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process. A cross-site request forgery vulnerability exists in the Intelbras RF1200 device. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state. Intelbras RF1200 is a wireless router from Intelbras of Brazil
VAR-202005-0604 CVE-2019-19515 Ayision Ays-WR01 Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings. A cross-site scripting vulnerability exists in the Ayision Ays-WR01 device. Information may be obtained and tampered with. Ayision Ays-WR01 is a wireless repeater of Ayision company in China. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
VAR-202005-0733 CVE-2017-18867 plural NETGEAR Input verification vulnerabilities on devices CVSS V2: 4.6
CVSS V3: 6.8
Severity: MEDIUM
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48. Multiple NETGEAR devices contain an input verification vulnerability. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 prior to 1.0.2.90, and WNDR4500v3 prior to 1.0.0.48
VAR-202005-0732 CVE-2017-18866 plural NETGEAR Cross-site scripting vulnerabilities in devices CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects R9000 before 1.0.2.40, R6100 before 1.0.1.1, 6R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, WNDR4300v2 before 1.0.0.48, and WNR2000v5 before 1.0.0.58. A cross-site scripting vulnerability exists in multiple NETGEAR devices. Information may be obtained and tampered with. NETGEAR R9000, R7800, R7500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the lack of correct verification of client data in web applications. An attacker can use this vulnerability to execute client code. This affects R9000 prior to 1.0.2.40, R6100 prior to 1.0.1.1, 6R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.20, R7800 prior to 1.0.2.36, WNDR4300v2 prior to 1.0.0.48, and WNR2000v5 prior to 1.0.0.58
VAR-202005-0603 CVE-2019-19514 Ayision Ays-WR01 Cross-site scripting vulnerabilities in devices CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID. A cross-site scripting vulnerability exists in the Ayision Ays-WR01 device. Information may be obtained and tampered with
VAR-202005-0961 CVE-2020-8829 Intelbras CIP 92200 Cross-Site Request Forgery Vulnerability CVSS V2: 6.8
CVSS V3: 8.8
Severity: HIGH
CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis. A cross-site request forgery vulnerability exists in the Intelbras CIP 92200 device. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state. Intelbras CIP 92200 is a VoIP switch of Polish Intelbras company. The vulnerability stems from the program's failure to properly validate user input
VAR-202005-0731 CVE-2017-18865 NETGEAR R8300 and R8500 Out-of-bounds write vulnerabilities in devices CVSS V2: 5.2
CVSS V3: 6.8
Severity: MEDIUM
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104. NETGEAR R8300 and R8500 devices are vulnerable to out-of-bounds writes. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state. NETGEAR R8500 and NETGEAR R8300 are both wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects R8300 prior to 1.0.2.104 and R8500 prior to 1.0.2.104
VAR-202005-0006 CVE-2020-10630 SAE IT-systems FW-50 Remote Telemetry Unit cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
SAE IT-systems FW-50 Remote Telemetry Unit (RTU). The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the output used as a webpage that is served to other users. The following vulnerabilities exist in the FW-50 RTU: cross-site scripting (CWE-79), CVE-2020-10630; directory traversal (CWE-22), CVE-2020-10634. The expected impact depends on each vulnerability, but may be as follows: arbitrary script is executed in the user's web browser (CVE-2020-10630); sensitive information is stolen by a remote third party by displaying the file structure of the device or bypassing access restrictions on files (CVE-2020-10634). The vulnerability stems from the program's failure to correctly verify user input. A remote attacker can use this vulnerability to execute a script in the user's browser
VAR-202005-0007 CVE-2020-10634 SAE IT-systems FW-50 Remote Telemetry Unit Path Traversal Vulnerability CVSS V2: 6.4
CVSS V3: 9.1
Severity: CRITICAL
SAE IT-systems FW-50 Remote Telemetry Unit (RTU). A specially crafted request could allow an attacker to view the file structure of the affected device and access files that should be inaccessible. The following vulnerabilities exist in the FW-50 RTU: cross-site scripting (CWE-79), CVE-2020-10630; directory traversal (CWE-22), CVE-2020-10634. The expected impact depends on each vulnerability, but may be as follows: arbitrary script is executed in the user's web browser (CVE-2020-10630); sensitive information is stolen by a remote third party by displaying the file structure of the device or bypassing access restrictions on files (CVE-2020-10634)
VAR-202005-0730 CVE-2017-18864 plural NETGEAR Classic buffer overflow vulnerability in device CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R6900P before 1.0.0.56, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7900 before 1.0.1.18, R8300 before 1.0.2.104, and R8500 before 1.0.2.104. A classic buffer overflow vulnerability exists on multiple NETGEAR devices. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state. NETGEAR R6400, etc. are all wireless routers from NETGEAR. A buffer error vulnerability exists in many NETGEAR products, which originates from incorrect boundary checks. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service with a specially crafted request. This affects R6400 prior to 1.0.1.24, R6400v2 prior to 1.0.2.32, R6700 prior to 1.0.1.22, R6900 prior to 1.0.1.22, R7000 prior to 1.0.9.4, R7000P prior to 1.0.0.56, R6900P prior to 1.0.0.56, R7100LG prior to 1.0.0.32, R7300 prior to 1.0.0.54, R7900 prior to 1.0.1.18, R8300 prior to 1.0.2.104, and R8500 prior to 1.0.2.104
VAR-202006-1297 CVE-2020-3630 plural Snapdragon Buffer error vulnerability in the product CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130. Multiple Snapdragon products contain a buffer error vulnerability. Information may be obtained, information may be tampered with, and the device may be put into a service operation interruption (DoS) state
VAR-202005-1068 No CVE ABB DriveSize has dll hijacking vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
DriveSize is a selection program that can help users choose an optimized low-voltage motor, rectifier and inverter solution. ABB DriveSize has a DLL hijacking vulnerability. Attackers can use this vulnerability to load malicious DLLs and execute malicious code.