VARIoT IoT vulnerabilities database


VAR-202312-1293 CVE-2023-49417 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
VAR-202312-2135 CVE-2023-6181 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
An oversight in BCB handling of reboot reason that allows for persistent code execution
VAR-202312-2038 CVE-2023-48425 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
U-Boot vulnerability resulting in persistent Code Execution 
VAR-202312-1510 CVE-2023-48424 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
U-Boot shell vulnerability resulting in Privilege escalation in a production device
VAR-202312-1847 CVE-2023-48417 CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
VAR-202312-1601 CVE-2023-50463 CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
The caddy-geo-ip (aka GeoIP) middleware through 0.6.0 for Caddy 2, when trust_header X-Forwarded-For is used, allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism (trusted_proxy directive in reverse_proxy or IP address range restrictions).
VAR-202312-0246 CVE-2023-6612 OS command injection vulnerability in TOTOLINK X5000R firmware CVSS V2: 5.2
CVSS V3: 5.5
Severity: MEDIUM
A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. It has been rated as critical. This issue affects the function setDdnsCfg/setDynamicRoute/setFirewallType/setIPSecCfg/setIpPortFilterRules/setLancfg/setLoginPasswordCfg/setMacFilterRules/setMtknatCfg/setNetworkConfig/setPortForwardRules/setRemoteCfg/setSSServer/setScheduleCfg/setSmartQosCfg/setStaticDhcpRules/setStaticRoute/setVpnAccountCfg/setVpnPassCfg/setVpnUser/setWiFiAclAddConfig/setWiFiEasyGuestCfg/setWiFiGuestCfg/setWiFiRepeaterConfig/setWiFiScheduleCfg/setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to OS command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247247. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK X5000R firmware contains an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202312-2011 CVE-2023-49007 Out-of-bounds write vulnerability in netgear RBR750 firmware CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. An out-of-bounds write vulnerability exists in netgear RBR750 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
VAR-202312-1571 No CVE Beijing StarNet Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability (CNVD-2023-88652) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EG2000SE is a multi-service router. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability. An attacker can use this vulnerability to obtain sensitive information.
VAR-202312-1415 No CVE Beijing StarNet Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability (CNVD-2023-94089) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EG2000SE is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability. An attacker can use this vulnerability to obtain sensitive information.
VAR-202312-2290 No CVE Beijing StarNet Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability (CNVD-2023-94096) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EG2000SE is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability. An attacker can use this vulnerability to obtain sensitive information.
VAR-202312-1414 No CVE Beijing StarNet Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability (CNVD-2023-94098) CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EG2000SE is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability. An attacker can use this vulnerability to obtain sensitive information.
VAR-202312-1745 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
EG2000SE is a multi-service router. Beijing Xingwang Ruijie Network Technology Co., Ltd. EG2000SE has an information leakage vulnerability. An attacker can use this vulnerability to obtain sensitive information.
VAR-202312-0247 CVE-2023-6581 SQL injection vulnerability in D-Link Systems, Inc. dar-7000 firmware CVSS V2: 5.2
CVSS V3: 5.5
Severity: MEDIUM
A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to SQL injection. The exploit has been disclosed to the public and may be used. VDB-247162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. D-Link Systems, Inc. dar-7000 firmware contains an SQL injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-X Electronic Equipment (Shanghai) Co., Ltd. DAR-7000 is an Internet behavior audit gateway. In the D-X Electronic Equipment (Shanghai) Co., Ltd. DAR-7000, the vulnerability stems from the lack of verification of externally supplied input to the SQL statement in the parameter id of the file /user/inc/workidajax.php. An attacker can exploit this vulnerability to execute illegal SQL commands and steal sensitive data from the database.
VAR-202312-0346 CVE-2023-6580 Untrusted data deserialization vulnerability in D-Link Systems, Inc. DIR-846 firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: HIGH
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247161 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. An untrusted data deserialization vulnerability exists in D-Link Systems, Inc. DIR-846 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). D-Link DIR-846 is a wireless router made by China D-Link Company. D-Link DIR-846 has a deserialization vulnerability. An attacker can exploit this vulnerability to cause code execution.
VAR-202312-0480 CVE-2023-49411 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. w30e firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. w30e firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability is caused by the function formDeleteMeshNode failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack.
VAR-202312-0472 CVE-2023-49409 Shenzhen Tenda Technology Co.,Ltd. AX3 firmware vulnerabilities CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet. There are unspecified vulnerabilities in Shenzhen Tenda Technology Co.,Ltd. AX3 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AX3 is an AX1800 Gigabit-port dual-band Wi-Fi 6 wireless router from China's Tenda Company. The vulnerability is caused by the failure of the handler function of /goform/telnet to correctly filter special characters, commands, etc. in the constructed command.
VAR-202312-0405 CVE-2023-49408 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. AX3 firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. AX3 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Tenda AX3 is an AX1800 Gigabit-port dual-band Wi-Fi 6 wireless router from China's Tenda Company. This vulnerability is caused by the function set_device_name failing to correctly verify the length of input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack.
VAR-202312-0392 CVE-2023-49406 Shenzhen Tenda Technology Co.,Ltd. w30e firmware vulnerabilities CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet. There are unspecified vulnerabilities in Shenzhen Tenda Technology Co.,Ltd. w30e firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The vulnerability is caused by the failure of the handler function of /goform/telnet to correctly filter special characters, commands, etc. in the constructed command.
VAR-202312-0391 CVE-2023-49405 Out-of-bounds write vulnerability in Shenzhen Tenda Technology Co.,Ltd. w30e firmware CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg. An out-of-bounds write vulnerability exists in Shenzhen Tenda Technology Co.,Ltd. w30e firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability is caused by the function UploadCfg failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack.