VARIoT IoT exploits database
| VAR-E-201809-0061 |
CVE-2018-17587 CVE-2018-17593 CVE-2018-17588 CVE-2018-17590 CVE-2018-17591 |
Airties AIR5342 1.0.0.18 - Cross-Site Scripting - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201810-0505, VAR-201810-0501, VAR-201810-0504, VAR-201810-0502, VAR-201810-0506 | EDB ID: 45525 |
Airties AIR5342 1.0.0.18 - Cross-Site Scripting. CVE-2018-17593CVE-2018-17591CVE-2018-17590CVE-2018-17588CVE-2018-17587 . webapps exploit for Hardware platform
| VAR-E-201809-0178 |
CVE-2018-17001 |
RICOH SP 4510SF Printer Cross Site Scripting
Related entries in the VARIoT vulnerabilities database: VAR-201809-0817 | No EDB ID |
The RICOH SP 4510SF printer suffers from cross site scripting and html injection vulnerabilities.
| VAR-E-201809-0148 | No CVE | NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet) - Hardware remote Exploit | EDB ID: 45427 |
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet).. remote exploit for Hardware platform
| VAR-E-201809-0081 |
CVE-2018-14327 |
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation - Windows local Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201809-0900 | EDB ID: 45501 |
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation. CVE-2018-14327 . local exploit for Windows platform
| VAR-E-201809-0404 | No CVE | InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow (SEH) Exploit | No EDB ID |
| VAR-E-201809-0051 | No CVE | InduSoft Web Studio 8.1 SP1 Buffer Overflow | No EDB ID |
InduSoft Web Studio version 8.1 suffers from a buffer overflow vulnerability.
| VAR-E-201809-0384 | No CVE | Seagate Personal Cloud Information Disclosure | No EDB ID |
Seagate Personal Cloud is a consumer-grade Network-Attached Storage device (NAS). It was found that the web application used to manage the NAS is affected by various unauthenticated information disclosure vulnerabilities. The device is configured to trust any CORS origin, and is accessible via the personalcloud.local domain name. Due to this it is possible for any website to gain access to this information. While this information doesn't allow an attacker to compromise the NAS, the information can be used to stage more targeted attacks. This issue was tested on a Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0. The software is licensed from LACIE, it is very likely that other devices/models are also affected.
| VAR-E-201809-0024 | No CVE | InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH) - Windows_x86-64 local Exploit | EDB ID: 45395 |
InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH).. local exploit for Windows_x86-64 platform
| VAR-E-201809-0415 | No CVE | D-Link DIR-601 - Credential Disclosure Vulnerability | No EDB ID |
| VAR-E-201809-0335 | No CVE | D-Link DIR-615 - Denial of Service Vulnerability | No EDB ID |
| VAR-E-201809-0198 |
CVE-2018-15839 |
D-Link DIR-615 - Denial of Service (PoC) - Hardware dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201808-0206 | EDB ID: 45317 |
D-Link DIR-615 - Denial of Service (PoC). CVE-2018-15839 . dos exploit for Hardware platform
| VAR-E-201808-0147 |
CVE-2018-12710 |
DLink DIR-601 - Credential Disclosure - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201808-0761 | EDB ID: 45306 |
DLink DIR-601 - Credential Disclosure. CVE-2018-12710 . webapps exploit for Hardware platform
| VAR-E-201808-0259 |
CVE-2018-16133 |
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal - Windows_x86-64 webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201808-0771 | EDB ID: 45303 |
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal. CVE-2018-16133 . webapps exploit for Windows_x86-64 platform
| VAR-E-201808-0179 |
CVE-2018-16134 |
Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting - Windows_x86-64 webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201808-0772 | EDB ID: 45309 |
Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting. CVE-2018-16134 . webapps exploit for Windows_x86-64 platform
| VAR-E-201808-0402 | No CVE | Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal Vulnerability | No EDB ID |
| VAR-E-201808-0237 | No CVE | Cisco Network Assistant 6.3.3 Denial Of Service | No EDB ID |
Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.
| VAR-E-201808-0405 | No CVE | Cisco Network Assistant 6.3.3 - Cisco Login Denial of Service Exploit | No EDB ID |
| VAR-E-201808-0090 | No CVE | Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC) - Windows dos Exploit | EDB ID: 45275 |
Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC).. dos exploit for Windows platform
| VAR-E-201808-0454 | No CVE | ZyXEL VMG3312-B10B - Cross-Site Scripting Vulnerability | No EDB ID |
| VAR-E-201808-0382 |
CVE-2017-12577 |
PLANEX CS-QR20 Hardcoded Credential
Related entries in the VARIoT vulnerabilities database: VAR-201808-0127 | No EDB ID |
PLANEX CS-QR20 suffers from a hardcoded administrative login credential vulnerability.