VARIoT IoT vulnerabilities database

VAR-201909-1376 | CVE-2019-11327 | Topcon Positioning Net-G5 GNSS Receiver Path traversal vulnerability in device firmware |
CVSS V2: 4.0 CVSS V3: 4.9 Severity: MEDIUM |
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative privileges can craft a special URL to read arbitrary files from the device's file system. Topcon Positioning Net-G5 GNSS Receiver is a multi-frequency GNSS (Global Navigation Satellite System) receiver from Topcon, Japan.
VAR-201909-1668 | No CVE | Command execution vulnerability exists in sweeping robot of Shenzhen Shanchuan Robot Co., Ltd. |
CVSS V2: 7.6 CVSS V3: - Severity: HIGH |
Shenzhen Shanchuan Robot Co., Ltd. is a high-tech enterprise focusing on the research and development, production and sales of sweeping robots.
There is a command execution vulnerability in the sweeping robot of Shenzhen Shanchuan Robot Co., Ltd. An attacker can use this vulnerability to interact with the server to execute commands remotely, posing information leakage and operational security risks.
VAR-201909-0994 | CVE-2019-13528 | Niagara AX and Niagara Authentication vulnerability |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 (JACE 3e, JACE 6e, JACE 7, JACE-8000), Niagara 4.4u3 (JACE 3e, JACE 6e, JACE 7, JACE-8000), and Niagara 4.7u1 (JACE-8000, Edge 10). Niagara AX and Niagara contain an authentication vulnerability. Information may be obtained.
VAR-201909-0076 | CVE-2019-6649 | Information disclosure vulnerability in multiple F5 BIG-IP products |
CVSS V2: 5.8 CVSS V3: 9.1 Severity: CRITICAL |
F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. Multiple F5 BIG-IP products contain an information disclosure vulnerability. Information may be obtained and information may be altered. Both F5 BIG-IP and F5 Enterprise Manager are products of the US company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 Enterprise Manager is a tool that provides visibility into the entire BIG-IP application delivery infrastructure and optimizes application performance. Security vulnerabilities exist in F5 BIG-IP and F5 Enterprise Manager. An attacker could exploit this vulnerability to disclose sensitive information and modify system configurations. The following products and versions are affected: F5 BIG-IP version 15.0.0, version 14.1.0 to version 14.1.0.6, version 14.0.0 to version 14.0.0.5, version 13.0.0 to version 13.1.1.5, version 12.1.0 to version 12.1.4.1, version 11.6.0 to version 11.6.4, version 11.5.1 to version 11.5.9; Enterprise Manager version 3.1.1.
VAR-201909-1375 | CVE-2019-11326 | Topcon Positioning Net-G5 GNSS Receiver Vulnerability related to privilege management in device firmware |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product is protected by a login. A guest is allowed to log in. Once logged in as a guest, an attacker can browse a URL to read the password of the administrative user. The same procedure allows a regular user to gain administrative privileges. The guest login is possible in the default configuration. The Topcon Positioning Net-G5 GNSS Receiver device firmware contains a privilege management vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Topcon Positioning Net-G5 GNSS Receiver is a multi-frequency GNSS (Global Navigation Satellite System) receiver from Japan's Topcon.
VAR-201909-0077 | CVE-2019-6650 | F5 BIG-IP ASM Vulnerable to information disclosure |
CVSS V2: 5.8 CVSS V3: 9.1 Severity: CRITICAL |
F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings. F5 BIG-IP ASM is a Web Application Firewall (WAF) of F5 Corporation in the United States, which provides secure remote access, protects emails, simplifies Web access control, and enhances network and application performance. A security vulnerability exists in F5 BIG-IP ASM. An attacker could exploit this vulnerability to disclose sensitive information and modify system configurations. The following products and versions are affected: F5 BIG-IP ASM version 15.0.0, version 14.1.0 to version 14.1.0.6, version 14.0.0 to version 14.0.0.5, version 13.0.0 to version 13.1.1.5, version 12.1.0 to version 12.1.4.1, version 11.6.0 to version 11.6.4, version 11.5.1 to version 11.5.9.
VAR-201909-0744 | CVE-2019-16398 | Keeper K5 Input validation vulnerability |
CVSS V2: 7.2 CVSS V3: 6.8 Severity: MEDIUM |
On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell. Keeper K5 contains an input validation vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Keeper K5 is a 2MP Wifi Bluetooth IP camera. The vulnerability stems from the failure of the network system or product to properly validate the input data.
VAR-201909-0750 | CVE-2019-16412 | Tenda N301 Wireless router input validation vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.) Tenda N301 wireless routers contain a vulnerability related to input validation. Service operation may be interrupted (DoS). Tenda N301 is an 11N wireless broadband router.
A denial of service vulnerability exists in goform/setSysTools in Tenda N301. The vulnerability stems from the failure of the network system or product to properly validate the input data.
VAR-201909-1509 | CVE-2019-1975 | Cisco HyperFlex Software cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other client-side browser attacks. Cisco HyperFlex Software contains a cross-site scripting vulnerability. Information may be obtained and information may be altered. Cisco HyperFlex Software is a set of scalable distributed file systems from Cisco. The system provides unified computing, storage and network through cloud management, and provides enterprise-level data management and optimization services. A security vulnerability exists in Cisco HyperFlex Software 3.5.2f and earlier, and 4.0.1b and earlier, due to the program not adequately protecting HTML iframes.
VAR-201909-0197 | CVE-2019-12620 | Cisco HyperFlex Vulnerability related to insufficient verification of data reliability in software |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users. Cisco HyperFlex Software is vulnerable to insufficient validation of data reliability. Information may be tampered with. Cisco HyperFlex Software is a set of scalable distributed file systems from Cisco. The system provides unified computing, storage and network through cloud management, and provides enterprise-level data management and optimization services.
VAR-201909-1018 | CVE-2019-14458 | VIVOTEK IP Camera Vulnerability related to input validation in device firmware |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. The VIVOTEK IP Camera device firmware contains an input validation vulnerability. Service operation may be interrupted (DoS). Vivotek VIVOTEK IP Camera is an IP camera produced by Taiwan Vivotek Corporation. Vivotek VIVOTEK IP Cameras with firmware versions earlier than 0x20x have a security vulnerability.
VAR-201909-1085 | CVE-2019-15843 | Xiaomi Millet Vulnerability related to unlimited uploading of dangerous types of files on mobile phones |
CVSS V2: 5.8 CVSS V3: 7.4 Severity: HIGH |
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing. Xiaomi mobile phone is a smartphone produced by Xiaomi Information Technology Co., Ltd. An attacker can exploit this vulnerability to write files or read privileged data. There are code issue vulnerabilities in several Xiaomi phones
VAR-201909-0745 | CVE-2019-16399 | Western Digital WD My Book World II Authentication vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and log in with the default root password welc0me. An attacker could exploit this vulnerability to gain access to the /admin/ directory without credentials.
VAR-202001-0173 | CVE-2019-5304 | Classic buffer overflow vulnerability in multiple Huawei products |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. Multiple Huawei products contain a classic buffer overflow vulnerability. A denial of service (DoS) condition may result. Huawei CloudEngine 6800 is a 6800 series 10 Gigabit Ethernet switch for data centers from China's Huawei.
There are security vulnerabilities in Huawei CloudEngine 12800 200R003C00, 200R005C00, and 200R005C10. An attacker could use this vulnerability to connect to an affected device and execute commands.
VAR-201909-1541 | CVE-2019-3738 | RSA BSAFE Crypto-J Vulnerability in digital signature verification |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key. RSA BSAFE Crypto-J contains a vulnerability in the verification of digital signatures. Information may be obtained. Dell RSA BSAFE Crypto-J is an encryption toolkit from Dell, Inc. that provides developers with the tools to add privacy and authentication features to their applications. The vulnerability stems from a network system or product not adequately verifying the origin or authenticity of data. Attackers can use forged data to attack.
VAR-201909-1540 | CVE-2019-3739 | RSA BSAFE Crypto-J Vulnerability related to information disclosure caused by difference in response to security related processing |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys. RSA BSAFE Crypto-J contains a vulnerability related to information disclosure caused by differences in response to security-related processing. Information may be obtained. Dell RSA BSAFE Crypto-J is an encryption toolkit from Dell, Inc. that provides developers with the tools to add privacy and authentication features to their applications. A security vulnerability exists in Dell RSA BSAFE Crypto-J versions prior to 6.2.5.
VAR-201909-1539 | CVE-2019-3740 | RSA BSAFE Crypto-J Vulnerable to information disclosure |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys. RSA BSAFE Crypto-J contains an information disclosure vulnerability. Information may be obtained. Pillow is a Python-based image processing library.
There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Dell RSA BSAFE Crypto-J is an encryption toolkit from Dell, Inc. that provides developers with the tools to add privacy and authentication features to their applications. A security vulnerability exists in Dell RSA BSAFE Crypto-J versions prior to 6.2.5.
VAR-201909-0989 | CVE-2019-13556 | WebAccess Buffer error vulnerability |
CVSS V2: 6.5 CVSS V3: 9.8 Severity: CRITICAL |
In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. WebAccess contains a buffer error vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within cnvlgxtag.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a set of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. The vulnerability stems from the fact that the program does not properly verify the length of user input data.
VAR-201909-1518 | CVE-2019-13552 | Advantech WebAccess Command injection vulnerability |
CVSS V2: 6.5 CVSS V3: 5.3 Severity: MEDIUM |
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution. WebAccess contains an OS command injection vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwrunmie.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a set of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment.
VAR-201909-0049 | CVE-2019-6833 | Magelis HMI Panel Vulnerabilities related to exceptional state checking |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
A CWE-754 – Improper Check for Unusual or Exceptional Conditions vulnerability exists in Magelis HMI Panels (all versions of - HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, XBTGT, HMIGXO, HMIGXU), which could cause a temporary freeze of the HMI when a high rate of frames is received. When the attack stops, the buffered commands are processed by the HMI panel. Magelis HMI Panel contains an exceptional condition check vulnerability. Service operation may be interrupted (DoS). Schneider Electric Magelis HMIGTO, etc. are human-machine interface control panels from Schneider Electric in France. A code issue vulnerability exists in several Schneider Electric products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products. The following products and versions are affected: Schneider Electric HMIGTO; HMISTO; XBTGH; HMIGTU; HMIGTUX; HMISCU; HMISTU; XBTGT; XBTGT; HMIGXO; HMIGXU.