VARIoT IoT vulnerabilities database
| VAR-201910-1867 | No CVE | Unauthorized Access Vulnerability in Retained Message of Baidu Tiangong Intelligent Platform |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Baidu Tiangong Intelligent Platform is a cloud service platform for the Internet of Things field. It communicates through mainstream IoT protocols (such as MQTT), and can build IoT projects between smart devices and the cloud.
An unauthorized access vulnerability exists in the Retained Message of Baidu Tiangong Intelligent Platform.
| VAR-201910-1868 | No CVE | Alibaba Cloud IoT platform has unauthorized access vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Alibaba Cloud IoT platform is a cloud service platform for the IoT field. It communicates through mainstream IoT protocols (such as MQTT) and can build IoT projects between smart devices and the cloud.
There is an unauthorized access vulnerability in the Alibaba Cloud IoT platform, and an attacker can use the vulnerability to always receive messages on the topic of the subscription.
| VAR-201910-1751 | No CVE | MITSUBISHI PLC has a denial of service vulnerability (CNVD-2019-37109) |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
MITSUBISHI PLC is a programmable controller product of Japan's Mitsubishi Electric (Mitsubishi Electric) company.
MITSUBISHI PLC has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service
| VAR-201910-1750 | No CVE | SIEMENS SIMATIC S7-400 has a denial of service vulnerability (CNVD-2019-37113) |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
SIEMENS SIMATIC S7-400 is a modular universal controller of Siemens (Siemens) for the manufacturing industry.
SIEMENS SIMATIC S7-400 has a denial of service vulnerability. An attacker can use this vulnerability to cause a denial of service
| VAR-201910-1348 | CVE-2013-4856 | D-Link DIR-865L Information Disclosure Vulnerability |
CVSS V2: 2.9 CVSS V3: 6.5 Severity: MEDIUM |
D-Link DIR-865L has Information Disclosure. D-Link DIR-865L is a wireless router from Taiwan D-Link Corporation. The vulnerability stems from configuration errors during the operation of the network system or product. An unauthorized attacker could use the vulnerability to obtain sensitive information about the affected component
| VAR-201910-1357 | CVE-2016-2360 | Milesight IP security cameras Trust Management Issue Vulnerability |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations. Milesight IP security cameras Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could use this vulnerability to access these accounts
| VAR-201910-1351 | CVE-2013-4658 | Belkin Linksys EA6500 Path Traversal Vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. Linksys EA6500 Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Belkin Linksys EA6500 is a wireless router from Belkin.
A path traversal vulnerability exists in Linksys EA6500 that is caused by a network system or product that fails to properly filter a particular element in a resource or file path that an attacker could use to access a location outside of a restricted directory
| VAR-201910-1356 | CVE-2016-2359 | Milesight IP security cameras Authentication vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource. Milesight IP security cameras Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Milesight IP security cameras is an IP camera product of China Milesight Digital Technology (Milesight).
There are security vulnerabilities in Milesight IP security cameras 2016-11-14 and earlier
| VAR-201910-1353 | CVE-2016-2356 | Milesight IP security cameras Vulnerable to classic buffer overflow |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password. Milesight IP security cameras Contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Milesight IP security cameras is an IP camera product of China Milesight Digital Technology (Milesight). The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow
| VAR-201910-1355 | CVE-2016-2358 | Milesight IP security cameras Vulnerabilities related to the use of hard-coded credentials |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts. Milesight IP security cameras Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could use this vulnerability to access these accounts
| VAR-201910-0663 | CVE-2019-16265 | CODESYS ENI server Vulnerable to out-of-bounds writing |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. CODESYS ENI server Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
| VAR-201910-1349 | CVE-2013-4857 | D-Link DIR-865L Blind in XPath Injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
D-Link DIR-865L has PHP File Inclusion in the router xml file. D-Link DIR-865L The blinds XPath An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-865L is a wireless router from Taiwan D-Link Corporation.
An unknown vulnerability exists in D-Link DIR-865L. No detailed vulnerability details are provided at this time
| VAR-201910-1347 | CVE-2013-4855 | D-Link DIR-865L path traversal vulnerability |
CVSS V2: 7.9 CVSS V3: 8.8 Severity: HIGH |
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. D-Link DIR-865L Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-865L is a wireless router from Taiwan D-Link Corporation.
A security vulnerability exists in D-Link DIR-865L, which originated from a failure to configure properly in the SMB service. An attacker could use this vulnerability to create a symbolic link to the router file system root
| VAR-201910-1354 | CVE-2016-2357 | Milesight IP security cameras Vulnerabilities related to the use of hard-coded credentials |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. Milesight IP security cameras Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. There are currently no detailed details of the vulnerability provided
| VAR-201910-1871 | No CVE | Command execution vulnerability exists in Dahua camera SSH service |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Zhejiang Dahua Technology Co., Ltd. is a smart IoT solution provider and operation service provider with video as the core.
Dahua camera SSH service has a command execution vulnerability. Attackers can use this vulnerability to obtain camera root execution permissions.
| VAR-201910-1200 | CVE-2019-13652 | TP-Link M7350 In the device OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). TP-Link M7350 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command
| VAR-201910-1187 | CVE-2019-13549 | Rittal Chiller SK 3232-Series Improper access control vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication. Carel pCOWeb Firmware is vulnerable to a lack of authentication for critical functions.Information may be tampered with. Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal
| VAR-201910-1196 | CVE-2019-13649 | TP-Link M7350 In the device OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). TP-Link M7350 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command
| VAR-201910-1198 | CVE-2019-13650 | TP-Link M7350 In the device OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). TP-Link M7350 The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command
| VAR-201910-1201 | CVE-2019-13653 | TP-Link M7350 In the device OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. An attacker could exploit this vulnerability to execute an illegal operating system command