VARIoT IoT exploits database
| VAR-E-202011-0110 | No CVE | Cisco 7937G - DoS/Privilege Escalation - Hardware remote Exploit | EDB ID: 49057 |
Cisco 7937G - DoS/Privilege Escalation.. remote exploit for Hardware platform
| VAR-E-202011-0179 |
CVE-2018-9285 |
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit) - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201804-1341 | EDB ID: 49036 |
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit).. webapps exploit for Hardware platform
| VAR-E-202011-0048 | No CVE | Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC) - Hardware webapps Exploit | EDB ID: 49308 |
Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC).. webapps exploit for Hardware platform
| VAR-E-202011-0011 |
CVE-2020-25015 |
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202009-0727 | EDB ID: 49000 |
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF. CVE-2020-25015 . webapps exploit for Hardware platform
| VAR-E-202011-0114 | No CVE | Apache Flink 1.9.x - File Upload RCE (Unauthenticated) - Java webapps Exploit | EDB ID: 48978 |
Apache Flink 1.9.x - File Upload RCE (Unauthenticated).. webapps exploit for Java platform
| VAR-E-202011-0291 | No CVE | Apache Flink 1.9.x Shell Upload | No EDB ID |
Apache Flink version 1.9.x suffers from a remote code execution vulnerability via a malicious upload.
| VAR-E-202010-0085 | No CVE | Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery | No EDB ID |
Genexis Platinum-4410 version P4410-V2-1.28 suffers from a cross site request forgery vulnerability.
| VAR-E-202010-0039 | No CVE | Genexis Platinum-4410 P4410-V2-1.28 - Cross Site Request Forgery to Reboot - Hardware webapps Exploit | EDB ID: 48972 |
Genexis Platinum-4410 P4410-V2-1.28 - Cross Site Request Forgery to Reboot.. webapps exploit for Hardware platform
| VAR-E-202010-0140 | No CVE | Genexis Platinum-4410 Cross Site Scripting | No EDB ID |
The Genexis Platinum-4410 router suffers from a persistent cross site scripting vulnerability.
| VAR-E-202010-0069 | No CVE | Genexis Platinum-4410 - 'SSID' Persistent XSS - Hardware webapps Exploit | EDB ID: 48948 |
Genexis Platinum-4410 - 'SSID' Persistent XSS.. webapps exploit for Hardware platform
| VAR-E-202009-0057 | No CVE | D-Link DGS-1210-28 Denial Of Service | No EDB ID |
D-Link DGS-1210-28 suffers from a denial of service vulnerability.
| VAR-E-202009-0013 |
CVE-2020-24034 |
Sagemcom F@ST 5280 Privilege Escalation
Related entries in the VARIoT vulnerabilities database: VAR-202009-0960 | No EDB ID |
Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.
| VAR-E-202008-0037 |
CVE-2020-16137 CVE-2020-16138 CVE-2020-16139 |
Cisco 7937G Privilege Escalation
Related entries in the VARIoT vulnerabilities database: VAR-202008-0711, VAR-202008-0721, VAR-202008-0712 | No EDB ID |
Cisco 7947G versions SIP-1-4-5-7 and below privilege escalation exploit.
| VAR-E-202006-0118 |
CVE-2020-10644 CVE-2020-12004 |
Inductive Automation Ignition Remote Code Execution
Related entries in the VARIoT vulnerabilities database: VAR-202006-0006, VAR-202006-0363 | No EDB ID |
This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA product, versions 8.0.0 to (and including) 8.0.7. This exploit was tested on versions 8.0.0 and 8.0.7 on both Linux and Windows. The default configuration is exploitable by an unauthenticated attacker, which can achieve remote code execution as SYSTEM on a Windows installation and root on Linux. The vulnerability was discovered and exploited at Pwn2Own Miami 2020 by the Flashback team (Pedro Ribeiro + Radek Domanski).
| VAR-E-202006-0013 |
CVE-2020-11679 CVE-2020-11680 CVE-2020-11681 CVE-2020-11682 |
Castel NextGen DVR 1.0.0 Bypass / CSRF / Disclosure
Related entries in the VARIoT vulnerabilities database: VAR-202006-0044, VAR-202006-0042, VAR-202006-0043, VAR-202006-0045 | No EDB ID |
Castel NextGen DVR version 1.0.0 suffers from authorization bypass, credential disclosure, and cross site request forgery vulnerabilities.
| VAR-E-202006-0104 |
CVE-2019-17525 |
D-Link DIR-615 T1 20.10 - CAPTCHA Bypass - Hardware webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202004-0708 | EDB ID: 48551 |
D-Link DIR-615 T1 20.10 - CAPTCHA Bypass. CVE-2019-17525 . webapps exploit for Hardware platform
| VAR-E-202005-0257 | No CVE | Draytek VigorAP Cross Site Scripting | No EDB ID |
Draytek VigorAP suffers from a persistent cross site scripting vulnerability. Multiple different versions are affected.
| VAR-E-202005-0048 | No CVE | Draytek VigorAP 1000C - Persistent Cross-Site Scripting - Hardware webapps Exploit | EDB ID: 48436 |
Draytek VigorAP 1000C - Persistent Cross-Site Scripting.. webapps exploit for Hardware platform
| VAR-E-202004-0257 |
CVE-2020-3161 |
Cisco IP Phone 11.7 - Denial of service (PoC) - Hardware dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202004-1234 | EDB ID: 48342 |
Cisco IP Phone 11.7 - Denial of service (PoC). CVE-2020-3161 . dos exploit for Hardware platform
| VAR-E-202003-0030 |
CVE-2019-20499 |
DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit) - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-202003-0962 | EDB ID: 48274 |
DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit). CVE-2019-20499 . remote exploit for Hardware platform