VARIoT IoT vulnerabilities database

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. Petwant PF-103 Firmware and Petalk AI Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. There is a trust management issue vulnerability in Petwant PF-103 and Petalk AI version 3.2.2.30 using 4.3.2.50 firmware. The vulnerability originates from the program using the default credentials for the TELNET server. A remote attacker could use this vulnerability as the root user. Execute arbitrary system commands

A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. Petwant PF-103 Firmware and Petalk AI Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. A buffer overflow vulnerability exists in the 'processCommandUploadLog' function of the libcommon.so file in version 4.22.2.42 of Petwant PF-103 and Petalk AI 3.2.2.30. This vulnerability originates from a network system or product performing operations on memory Data boundaries are incorrectly verified, which results in erroneous read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflows or heap overflows

processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. Petwant PF-103 Firmware and Petalk AI Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. The operating system command injection vulnerability exists in the 'processCommandSetUid ()' function of the libcommon.so file in version 4.22.2.42 of Petwant PF-103 and Petalk AI 3.2.2.30

The processCommandUploadLog() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. Petwant PF-103 Firmware and Petalk AI Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities

processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. Petwant PF-103 Firmware and Petalk AI Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. System commands

IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulnerable to a denial of service attack caused by channels processing poorly formatted messages. IBM X-Force ID: 166357. IBM MQ and IBM MQ Appliance Contains an input validation vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 166357 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. Petwant PF-103 Firmware and Petalk AI Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. A buffer overflow vulnerability exists in the 'processCommandUploadSnapshot' function of the libcommon.so file in Petwant PF-103 and Petalk AI version 3.2.2.30 using 4.22.2.42 firmware. The vulnerability originates from a network system or product performing operations on memory. Data boundaries are incorrectly verified, which results in erroneous read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflows or heap overflows

The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. Petwant PF-103 Firmware and Petalk AI Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Petwant PF-103 is an automatic pet feeding machine from China Petnant. Petalk AI is an automated pet feeder with monitoring capabilities. Any system command

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR AC1200 Smart WiFi Router. User interaction is required to exploit this vulnerability.The specific flaw exists within the handling of admin credentials provided to the mini_httpd endpoint. The issue results from displaying sensitive information in plaintext. An attacker can leverage this vulnerability to disclose sensitive information in the context of the administrator.

In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code with the privileges of the user running DiagAnywhere Server. Advantech DiagAnywhere Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FOLDER_CREATE messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. Advantech DiagAnywhere Server is a set of remote monitoring software based on Windows platform from Advantech, Taiwan. This software is mainly used for remote monitoring of Advantech TPC, APAX, UNO and ADAM. Advantech DiagAnywhere Server has a buffer overflow vulnerability. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, resulting in incorrect read and write operations to other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within BwOpcBs.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves. Omron PLC CJ Series and PLC CS The series includes Capture-replay There is a vulnerability related to authentication bypass by.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Omron PLC CJ and CS series is the PLC of Omron

In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands. Omron PLC CJ and Omron PLC CS The series contains a vulnerability in spoofing authentication bypass.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Omron PLC CJ and CS series is the PLC of Omron

In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks. Omron PLC CJ series, etc. are all products of Japan's Omron (Omron) company. Omron PLC CJ series is a CJ series programmable logic controller (PLC). Omron PLC CS series is a CS series programmable logic controller (PLC). Omron PLC NJ series is an NJ series programmable logic controller. Attackers can exploit this vulnerability to implement brute force attacks

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The RMI communication between the client and the Application Server is unencrypted. An attacker with access to the communication channel can read credentials of a valid user. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. SPPA-T3000 Application Server Contains vulnerabilities in the transmission of important information in the clear and vulnerabilities in out-of-bounds writes.Information may be obtained. SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. Application Server is one of the application servers that provides the main system services, including access control, data distribution to thin clients, and archiving

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. This vulnerability CVE-2019-18290 , CVE-2019-18291 , CVE-2019-18292 , CVE-2019-18298 , CVE-2019-18299 , CVE-2019-18300 , CVE-2019-18301 , CVE-2019-18302 , CVE-2019-18303 , CVE-2019-18304 , CVE-2019-18305 , CVE-2019-18306 , CVE-2019-18307 Is a different vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from CVE-2019-18309. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. This vulnerability CVE-2019-18309 Is a different vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. SPPA-T3000 Application Server Contains an out-of-bounds write vulnerability and an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. Application Server is one of the application servers that provides the main system services, including access control, data distribution to thin clients, and archiving

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. This vulnerability CVE-2019-18289 , CVE-2019-18293 , CVE-2019-18296 Is a different vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. SPPA-T3000 Application Server Contains an information disclosure vulnerability.Information may be obtained. Siemens SPPA-T3000 Application Server is a Java-based application server from Siemens, Germany. The vulnerability stems from configuration errors in the network system or product during operation. An unauthorized attacker could use the vulnerability to obtain sensitive information about the affected component