VARIoT IoT vulnerabilities database

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. (DoS) It may be put into a state. The following products and versions are affected: Webex Network Recording Player Release WBS earlier than 39.5.17 (Cisco Webex Meetings), Release WBS earlier than 39.11.0 (Cisco Webex Meetings), Release 1.3.49 earlier (Cisco Webex Meetings Online), Release 3.0MR3 prior to SecurityPatch1 (Cisco Webex Meetings Server), prior to 4.0MR2SecurityPatch2 (Cisco Webex Meetings Server); Webex Player Release prior to WBS 39.5.17 (Cisco Webex Meetings), Release prior to Release WBS 39.11.0 (Cisco Webex Meetings) , versions earlier than Release 1.3.49 (Cisco Webex Meetings Online)

A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section. The vulnerability is due to a lack of validation of the SSL server certificate received when establishing a connection to a Cisco Webex video device or a Cisco collaboration endpoint. An attacker could exploit this vulnerability by using man in the middle (MITM) techniques to intercept the traffic between the affected client and an endpoint, and then using a forged certificate to impersonate the endpoint. Depending on the configuration of the endpoint, an exploit could allow the attacker to view presentation content shared on it, modify any content being presented by the victim, or have access to call controls. This vulnerability does not affect cloud registered collaboration endpoints. Cisco Intelligent Proximity The solution contains a certificate validation vulnerability.Information may be obtained and tampered with. Cisco Intelligent Proximity is an innovative feature set that enables a richer collaboration experience from your mobile device. Cisco Webex Teams and others are products of Cisco. Cisco Webex Teams is a team collaboration application. The program includes video conferencing, group messaging and file sharing capabilities. Cisco Webex Meetings is a set of video conferencing solutions. Cisco Jabber is a unified communications client solution. The program provides online status display, instant messaging, voice and other functions. The following products and versions are affected: Cisco Intelligent Proximity application; Cisco Jabber; Cisco Webex Meetings; Cisco Webex Teams; Cisco Meeting App

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by crafting a malicious configuration and saving it to the targeted system. An exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information when an administrator views the configuration. An attacker would need write permissions to exploit this vulnerability successfully. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded. are all products of Cisco in the United States. The device is mainly used to manage all strategies, reports, audit information, etc. of e-mail and Web security devices. AsyncOS Software is a set of operating systems running in it. The device provides SaaS-based access control, real-time network reporting and tracking, and formulating security policies. AsyncOS web management interface in many Cisco products has an input verification error vulnerability, which stems from the failure to properly verify the HTTP request header. The following products and versions are affected: Cisco ESA 13.0.0-392 and earlier (Release); Cisco Cloud Email Security 13.0.0-392 and earlier (Release); Cisco WSA 12.0.1-268 and earlier (Release) ; Cisco SMA 13.6.0 and earlier versions (Release)

A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient control over system memory allocation. An attacker could exploit this vulnerability by sending a crafted email through the targeted device. A successful exploit could allow the attacker to cause an email attachment that contains malware to be delivered to a user and cause email processing delays. Cisco Email Security Appliances (ESAs) Exists in a resource exhaustion vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. Cisco Email Security Appliance (ESA) is an email security appliance from Cisco Corporation in the United States. AsyncOS Software is a set of operating systems running on it

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web-based management interface or access sensitive, browser-based information. This product is mainly used to deploy large-scale remote and local video conferences, and provides contact management and centralized configuration management

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending malicious ICMP error messages to an affected device that get punted to the IPsec packet processor. A successful exploit could allow the attacker to deplete IPsec memory, resulting in all future IPsec packets to an affected device being dropped by the device. Manual intervention is required to recover from this situation. Cisco IOS XR Software contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. Cisco IOS XR is an operating system developed by Cisco for its network equipment. The following products and versions are affected: Cisco IOS XR (release) prior to 6.4.3, prior to 6.6.3, prior to 7.0.2, and prior to 7.1.1

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information

Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely. Rubetek SmartHome The device contains a vulnerability in the transmission of important information in clear text.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Rubetek SmartHome is a smart home product from Russia's Rubetek. A security vulnerability exists in the Rubetek SmartHome 2020 version, which is caused by the program using an unencrypted 433 MHz band for communication. A remote attacker could use this vulnerability to cause a denial of service, obtain information, or falsify data

A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying certain CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, which could result in a complete system compromise. (DoS) It may be put into a state. Cisco Remote PHY 120 is a remote PHY (port physical layer) device from Cisco in the United States

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface. D-Link DSL-2680 Cross-site scripting vulnerabilities, and HTTP There is a vulnerability related to Request Smagling.Service operation interruption (DoS) It may be put into a state. D-Link DSL-2680 is a wireless router from Taiwan D-Link. The web management interface in D-Link DSL-2680 has a security vulnerability

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface. D-Link DSL-2680 There is an authentication vulnerability in.Information may be tampered with. D-Link DSL-2680 is a wireless router from Taiwan D-Link. The Web management interface in D-Link DSL-2680 has an authorization issue vulnerability

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request. D-Link DSL-2680 There is an authentication vulnerability in.Information may be tampered with. D-Link DSL-2680 is a Wireless N150 ADSL2 + home router

ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding. ARRIS TG1692A Devices contain vulnerabilities in insufficient protection of credentials.Information may be obtained. ARRIS TG1692A is a modem of ARRIS company in the United States. A security vulnerability exists in ARRIS TG1692A

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C. Qihoo Technology 360 P0 and 360 F5C are both wireless routers of China Qihoo Technology Company. Attackers can use this vulnerability to obtain part of the user's information and cause the user to be unable to use the router

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface. D-Link DSL-2680 There is an authentication vulnerability in.Information may be tampered with. D-Link DSL-2680 is a wireless router from Taiwan D-Link. The Web management interface in D-Link DSL-2680 has an authorization issue vulnerability

A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request. D-Link DSL-2680 Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. D-Link DSL-2680 is a wireless router from Taiwan D-Link

A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections in the web-based interface. An attacker could exploit this vulnerability by persuading a targeted user, with an active administrative session on the affected device, to click a malicious link. A successful exploit could allow an attacker to change the device's configuration, which could include the ability to edit or create user accounts of any privilege level. Some changes to the device's configuration could negatively impact the availability of networking services for other devices on networks managed by CPNR. Cisco Prime Network Registrar (CPNR) is a network registrar product from Cisco (USA). The product provides services such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and IP Address Management (IPAM)

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. The vulnerability exists because replies from the web-based management interface include unnecessary server information. An attacker could exploit this vulnerability by inspecting replies received from the web-based management interface. A successful exploit could allow the attacker to obtain details about the operating system, including the web server version that is running on the device, which could be used to perform further attacks. The software provides IP communications services functionality for IP telephony, voice mail, and unified communications environments

A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information is included in the mDNS reply. An attacker could exploit this vulnerability by doing an mDNS query for a particular service against an affected device. A successful exploit could allow the attacker to gain access to sensitive information. Cisco Webex Meetings is a set of video conferencing solutions of Cisco (Cisco)