VARIoT IoT vulnerabilities database

VAR-201911-1044 | CVE-2019-18184 | Crestron Electronics DMC-STRO Operating System Command Injection Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. The device contains an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Crestron Electronics DMC-STRO is a streaming media input card from Crestron Electronics for receiving streaming video signals.
Crestron Electronics DMC-STRO has an operating system command injection vulnerability.
VAR-201911-0259 | CVE-2019-5309 | Huawei Honor Play information disclosure vulnerability |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
Honor Play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of operations without unlocking the screen lock. Successful exploitation could cause an information disclosure condition. Huawei Honor Play is a smartphone product from China's Huawei.
VAR-201911-0823 | CVE-2019-5247 | Huawei Atlas 300 and Atlas 500 Vulnerable to classic buffer overflow |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Huawei Atlas 300 and Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft a specific parameter and send it to the process to exploit this vulnerability. Successful exploitation may cause a service crash. Atlas 300 is an AI (Artificial Intelligence) acceleration card. This product is suitable for artificial intelligence training and inference scenarios.
VAR-201911-0296 | CVE-2019-6672 | BIG-IP AFM Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded. BIG-IP AFM contains an input validation vulnerability. Service operation may be interrupted (DoS). F5 BIG-IP AFM is an advanced firewall product from F5 Corporation of the United States, used to protect against DDoS attacks. Security vulnerabilities exist in F5 BIG-IP AFM versions 15.0.0 through 15.0.1, 14.0.0 through 14.1.2, and 13.1.0 through 13.1.3.1. An attacker could exploit this vulnerability to cause legitimate network packet loss or delay.
VAR-201911-0298 | CVE-2019-6674 | F5 SSL Orchestrator Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
On F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash when processing SSLO data in a service-chaining configuration. F5 SSL Orchestrator contains an input validation vulnerability. Service operation may be interrupted (DoS). This product provides policy-based dynamic decryption, encryption, and flow control functions. Attackers can exploit this vulnerability to crash TMM.
VAR-201911-0292 | CVE-2019-6668 | BIG-IP APM Edge Client for macOS vulnerable to unauthorized authentication |
CVSS V2: 4.9 CVSS V3: 5.5 Severity: MEDIUM |
The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root. Both F5 BIG-IP APM and F5 BIG-IP APM Clients are products of F5 Corporation in the United States. F5 BIG-IP APM is an access and security solution. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM Clients is a set of APM client software. An attacker could exploit this vulnerability to access files of the root user. The following products and versions are affected: F5 BIG-IP APM 15.0.0 to 15.0.1, 14.1.0 to 14.1.0.5, 14.0.0 to 14.0.0.4, 13.1.0 to 13.1.1.5, 12.1.0 to 12.1.5, and 11.5.1 to 11.6.5.
VAR-201911-0289 | CVE-2019-6665 | Authentication vulnerabilities in multiple F5 products |
CVSS V2: 7.5 CVSS V3: 9.4 Severity: CRITICAL |
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic. Multiple F5 products contain authentication vulnerabilities. Information may be obtained or altered, and service operation may be disrupted (DoS). F5 BIG-IP ASM and the other affected products are all from F5 Corporation of the United States. F5 BIG-IP ASM is a web application firewall (WAF), and F5 Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. F5 BIG-IQ is a software-based cloud management solution. Security flaws exist in several F5 products. The following products and versions are affected: F5 BIG-IP ASM versions 15.0.0 to 15.0.1, 14.1.0 to 14.1.2, 14.0.0 to 14.0.1, and 13.1.0 to 13.1.3.1; BIG-IQ versions 6.0.0 and 5.2.0-5.4.0; iWorkflow version 2.3.0; Enterprise Manager version 3.1.1.
VAR-202001-0288 | CVE-2019-17147 | Classic buffer overflow vulnerability in TP-LINK TL-WR841N router |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. The TP-LINK TL-WR841N router contains a classic buffer overflow vulnerability. Zero Day Initiative tracked this vulnerability as ZDI-CAN-8457. Information may be obtained or falsified, and a denial of service (DoS) may result. TP-Link TL-WR841N is a wireless router from China's TP-Link. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations.
VAR-201911-0299 | CVE-2019-6675 | BIG-IP Authentication vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts specific engineering hotfixes using the aforementioned authentication configuration. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.3.0.79.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.97.6-ENG.iso, Hotfix-BIGIP-14.1.0.3.0.99.6-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.15.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.36.5-ENG.iso, Hotfix-BIGIP-14.1.0.5.0.40.5-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.11.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.14.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.68.9-ENG.iso, Hotfix-BIGIP-14.1.0.6.0.70.9-ENG.iso, Hotfix-BIGIP-14.1.2.0.11.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.18.37-ENG.iso, Hotfix-BIGIP-14.1.2.0.32.37-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.46.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.14.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.16.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.34.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.97.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.99.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.105.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.111.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.115.4-ENG.iso, Hotfix-BIGIP-14.1.2.1.0.122.4-ENG.iso, Hotfix-BIGIP-15.0.1.0.33.11-ENG.iso, Hotfix-BIGIP-15.0.1.0.48.11-ENG.iso. BIG-IP contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). F5 BIG-IP is an application delivery platform from the US company F5 that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in the F5 BIG-IP. An attacker could exploit this vulnerability to bypass authentication.
The following products and versions are affected: F5 BIG-IP 15.0.1.0.33.11-ENG Hotfix version, 15.0.1.0.48.11-ENG Hotfix version, 14.1.0.3.0.79.6-ENG Hotfix version, 14.1.0.3.0.97.6-ENG Hotfix version, 14.1.0.3.0.99.6-ENG Hotfix version, 14.1.0.5.0.15.5-ENG Hotfix version, 14.1.0.5.0.36.5-ENG Hotfix version, 14.1.0.5.0.40.5-ENG Hotfix version, 14.1.0.6.0.11.9-ENG Hotfix version, 14.1.0.6.0.14.9-ENG Hotfix version, 14.1.0.6.0.68.9-ENG Hotfix version, 14.1.0.6.0.70.9-ENG Hotfix version, 14.1.2.0.11.37-ENG Hotfix version, 14.1.2.0.18.37-ENG Hotfix version, 14.1.2.0.32.37-ENG Hotfix version, 14.1.2.1.0.46.4-ENG Hotfix version, 14.1.2.1.0.14.4-ENG Hotfix version, 14.1.2.1.0.16.4-ENG Hotfix version, 14.1.2.1.0.34.4-ENG Hotfix version, 14.1.2.1.0.97.4-ENG Hotfix version, 14.1.2.1.0.99.4-ENG Hotfix version, 14.1.2.1.0.105.4-ENG Hotfix version, 14.1.2.1.0.111.4-ENG Hotfix version, 14.1.2.1.0.115.4-ENG Hotfix version, 14.1.2.1.0.122.4-ENG Hotfix version.
VAR-201911-0938 | CVE-2019-16242 | TCL Communication Alcatel Cingular Flip 2 B9HUAH1 operating system command injection vulnerability |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI. TCL Communication Alcatel Cingular Flip 2 B9HUAH1 is a mobile phone from China's TCL Communication. omamock is one of its components. The vulnerability stems from external input data being used to construct executable operating system commands, while the network system or product does not properly filter special characters and commands. Attackers can use this vulnerability to execute illegal operating system commands.
VAR-201911-0937 | CVE-2019-16241 | Unauthorized authentication vulnerabilities in TCL Alcatel Cingular Flip 2 devices |
CVSS V2: 4.6 CVSS V3: 6.8 Severity: MEDIUM |
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. This file would typically be created via Android Debug Bridge (adb) over USB. The TCL Alcatel Cingular Flip 2 device contains an incorrect authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). TCL Communication Alcatel Cingular Flip 2 B9HUAH1 is a mobile phone from China's TCL Communication.
There is a security vulnerability in TCL Communication Alcatel Cingular Flip 2 B9HUAH1.
VAR-201911-1040 | CVE-2019-18253 | ABB Relion 670 Series path traversal vulnerability |
CVSS V2: 7.5 CVSS V3: 10.0 Severity: CRITICAL |
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory. The Relion 670 series contains a path traversal vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). ABB Relion 670 Series is a transmission protection and control device from the Swiss company ABB.
VAR-201911-1084 | CVE-2019-12489 | Injection vulnerability in Fastweb Askey RTV1907VW devices |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter. The Fastweb Askey RTV1907VW device contains an injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Fastweb Askey RTV1907VW is a router from the Italian company Fastweb.
A vulnerability exists in Fastweb Askey RTV1907VW version 0.00.81_FW_200_Askey 2018-10-02 18:08:18.
VAR-201911-0925 | CVE-2019-16243 | Injection vulnerability in TCL Alcatel Cingular Flip 2 devices |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the system application to trigger firmware updates via OmaService.js.) The TCL Alcatel Cingular Flip 2 device contains an injection vulnerability. Information may be obtained and information may be altered. TCL Communication Alcatel Cingular Flip 2 B9HUAH1 is a mobile phone from China's TCL Communication. Attackers can use this vulnerability to view and modify the over-the-air update settings of the device firmware.
VAR-201911-1038 | CVE-2019-18247 | Input validation vulnerability in Relion 650 and 670 series |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
An attacker may use a specially crafted message to force Relion 650 series (versions 1.3.0.5 and prior) or Relion 670 series (versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior) to reboot, which could cause a denial of service. The Relion 650 and 670 series contain a vulnerability related to input validation. Service operation may be interrupted (DoS). ABB Relion 670 Series and ABB Relion 650 Series are transmission protection and control equipment from the Swiss company ABB.
VAR-201911-1166 | CVE-2019-18580 | Dell EMC Storage Monitoring and Reporting vulnerable to deserialization of untrusted data |
CVSS V2: 10.0 CVSS V3: 10.0 Severity: CRITICAL |
Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Java RMI service, which listens on TCP port 52569 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. The software provides features such as storage performance monitoring and report generation.
VAR-201911-1957 | No CVE | H3C ER5200 router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
ER5200 is a high-performance Gigabit downlink router launched by H3C. It is mainly positioned for the SMB market with Ethernet / fiber / ADSL access, and for network environments such as government, enterprise organizations, and Internet cafes.
There is a weak password vulnerability in the H3C (Huasan) ER5200 router. An attacker can use this vulnerability to log in to the management backend directly.
VAR-201911-1334 | CVE-2019-17406 | Nokia IMPACT Path Traversal Vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743. Nokia IMPACT is an intelligent management platform for the Internet of Things from Nokia (Finland). The vulnerability stems from a network system or product's failure to properly filter special elements in a resource or file path. An attacker could use this vulnerability to access locations outside the restricted directory.
VAR-201911-1333 | CVE-2019-17405 | Nokia IMPACT Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Nokia IMPACT < 18A has reflected self-XSS. Nokia IMPACT contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Nokia IMPACT is an intelligent management platform for the Internet of Things from Nokia (Finland). The vulnerability stems from the lack of proper validation of client data by web applications. An attacker could use this vulnerability to execute client code.
VAR-201911-1332 | CVE-2019-17404 | Nokia IMPACT Path traversal vulnerability |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
Nokia IMPACT < 18A allows full path disclosure. Nokia IMPACT is an intelligent management platform for the Internet of Things from Nokia (Finland). An attacker could use this vulnerability to reveal the full path.