VARIoT IoT exploits database

Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC). CVE-2018-4441 . local exploit for Hardware platform

Rockwell Automation Allen-Bradley PowerMonitor 1000 suffers from a cross site scripting vulnerability.

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass. CVE-2018-19616 . webapps exploit for Hardware platform

NUUO NVRMini2 3.9.1 - (Authenticated) Command Injection. CVE-2018-15716 . webapps exploit for PHP platform

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting.. webapps exploit for Hardware platform

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC). CVE-2018-4386 . webapps exploit for Hardware platform

Schneider Electric PLC - Session Calculation Authentication Bypass. CVE-2017-6026 . webapps exploit for Hardware platform

MOXA EDS-G512E is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks.

D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity.

Using a web browser or script server-side request forgery (SSRF) can be initiated against internal/external systems to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.

The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are originating from the D-LINK network running the afflicted FTP Server and not you. Version 1.03 r0098 is affected.

Advantech WebAccess SCADA 8.3.2 - Remote Code Execution. CVE-2018-15707CVE-2018-15705 . webapps exploit for ASP platform

Das U-Boot is prone to multiple local arbitrary code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the U-Boot instance. Failed exploit attempts will likely cause a denial-of-service condition.

ZyXEL VMG3312-B10B versions prior to 1.00 (AAPP.7) suffer from a credential disclosure vulnerability.

ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure.. dos exploit for Hardware platform

D-Link DSL-2640T suffers from a cross site scripting vulnerability.

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.

A cross site scripting vulnerability has been discovered in the AIR5443v2 modem of the AirTies manufacturer. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter.